Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

EY Application Security Architect - EY Global Delivery Services 
Argentina, Autonomous City of Buenos Aires, Buenos Aires 
751797688

01.12.2024

As a Security Consultant, the individual will provide security guidance to internal IT project teams responsible for delivering ET and Info Sec IT solutions, with a focus on Networking / infrastructure technology. The Security Consultant will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout the system development life cycle (SDLC) in an agile environment.

Skills and attributes for success

  • Solid background in IT risk assessments, and knowledge of good security practices and controls used in applications and infrastructure.
  • A solid understanding of security and security tools in 1 or many of the following areas: network, operating systems, databases, encryption, access controls
  • Translate technical vulnerabilities and security risks into business risk terminology for business units and recommend corrective actions to customers and project stakeholders.
  • Ability to document and produce meaningful artefacts on risk assessments, engagement Statements of Work, process, minimum security baselines and presentations on security risks.
  • Manage customer expectations and deliver quality security consulting services while balancing business objectives with security requirements.
  • Ability to partner with technical teams in a practical manner when conflicting interests arise while preserving EY core security principles and policies.
  • Ability to proactively lead, own and research security related subject matters when required to take a position or resolve issues.
  • Ability to lead a cross functional team to facilitate and enhance the understanding & compliance to security policies.

To qualify for the role, you must have

  • A minimum of 8-10 years of experience in an Information Security or Information Technology discipline.
  • Working experience in performing security risk assessments for information systems and developing appropriate risk treatment and mitigation options to address security risks identified during security reviews or risk assessments.
  • Excellent interpersonal, communication, organizational and project management skills.
  • Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change.

Ideally, you’ll also have

  • An SSCP or other ISC(2) designation
  • One or more years of experience with application development, Agile Methodology, DevOps, Continuous Integration / Continuous Delivery, and IoT security.
  • Knowledge or experience with cloud services (e.g. Azure, AWS, etc…) and security of those cloud services and applications.
  • Knowledge of common information security standards and risk analysis methodologies, such as: ISO 27001/27002, NIST, PCI, COBIT, ISF IRAM2, and OWASP.