Information Security Senior Consultant
EY GDS (Global Delivery Services) means 40.000 specialists providing globally IT, HR, finance, project management and strategic business services to EY member firms. In addition we deliver support and solutions to clients from all over the world.
As a Senior Consultant within our Strategy, Risk, Compliance & Resilience (SRCR) competency, you will help EY Clients to evaluate the effectiveness and efficiencies of their cybersecurity and resiliency programs in the context of the business growth and operations strategies. You will belong to an international team of specialists, creating value for EY Clients, leveraging holistic view on cybersecurity plans of their organizations and contributing towards their business resilience. You will identify deficiencies and deliver recommendations along with guidelines to improve cyber resilience.
Skills and attributes for success:
- Minimum 3 years of experience in the field of Information Security Information Management and/or IT Controls with expertise including below areas (the more, the better):
- Assuring the conformity to regulations, norms and standards such as: ISO27001, NIST, TISAX or any other ISMS governance systems,
- IT Controls such as: IT General Controls (ITGC), IT Application Controls (ITAC), IT SOX Compliance, SSAE16, business cycle controls (BCCs) review, general computer controls (GCCs), Segregation of duties analysis, etc,
- Implementation of the risk management plans, business continuity program assessments,
- Performing audits or reviews of ISMS systems and/or IT general controls
- Good understanding of the enterprise architecture, business functions and operations.
- Domain knowledge in Cybersecurity, including: governance, IT infrastructure security and risk management, cyber program assessments including cyber transformation and enterprise resilience.
- Demonstrate excellent interpersonal skills, inspire teamwork and responsibility with engagement team members
- Very good command of English
What we look for:
- Analytical and problem solving ability, ability to work effectively as a team member, observant with an eye for detail
- Ability to critically review IT processes to identify controls gaps and weaknesses
- Ability to liaise with stakeholders and strong project management skills
- Professionals certificates in: CISA, CISSP, CISM, ISO27001 will be a value add, but are not mandatory.
What working at EY offers:
- Opportunity to develop technical and non-technical skills in a truly global environment
- Variety of platforms for upskilling including but not limited to Udemy for business, on-site trainings, language classes, etc.
- Flexible full time working hours with respect to your work life balance
- Modern and well located office in Warsaw or Wroclaw with fresh work environment
- Perks / benefits: private health care (incl. family, parents, in-laws & dental care), life insurance, sport groups, MultiSport, Benefitsystem, theatre and cinema tickets, shopping vouchers, etc.
- Interesting top technology transformation projects with global impact
Join us in building a better working world.
For further information, and to apply, please visit our website via the “Apply” button below.