EY Technologysupports our technology needs through three business units:
- Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
- Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster, and pursue those opportunities more rapidly.
- Enterprise Technology (ET) – ET supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. ET will also support our internal technology needs by focusing on a better user experience.
Join our Security Consulting team in Information Security and help EY manage IT security risk. As a part of the team you will be working alongside the Enterprise Technology project teams and responsible for identifying security risk and providing security requirements and ensuring compliance to security policies and procedures.
Your key responsibilities
- A security liaison between EY (development and operations) and Information Security
- Collaborate with Security Consulting team and project team members
- Influence project teams and other stakeholders on security controls / due diligence
- Performing risk assessment and risk management for applications and infrastructure solutions
- Development and delivery of security artifacts and security requirements to project teams
Skills and attributes for success
- Strong organization skills
- Curiosity and eagerness to learn
- Initiative to seek out opportunities and add value
- Knowledge of information security standards, principles and practices required
- Understanding of IT risk
- Application security and some development experience
- Appreciation for technological innovation
- Understanding of the OWASP Top 10 application security risks and how to address them.
To qualify for the role you must have
- Two years of technical or non-technical experience in Information Security
- Excellent communication skills
- Ability to juggle multiple projects and priorities
- Two or more years of technical experience in development of information systems
Ideally, you’ll also have
- SAP expirience
- An SSCP or Associate of ISC(2) designation
- Experience in technical arena such as networking, development, or administration
- Experience in a global organization
What we look for
A security enthusiast who learns by doing. A skilled communicator who knows how to listen. An ethical partner who leads by example. A colleague who seeks out ways to improve our delivery.
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you