Position summary:
- Working across a portfolio of IT Risk and Cyber engagements with our clients, responsible for the day to day completion of IT assessment and Security asssessment or delivering elements of a security transformation programs.
- Working with team members you will create high quality reports, ready for review by a Manager or Senior Manager.
- Where possible, you will identify opportunities for EY to assist our clients further and escalate these potential areas to the engagement manager.
- Working with colleagues in other services areas and support our clients’ cyber security needs.
- Working with the engagement manager you will assist with the planning and delivery phases of engagements
- Contributing to the creation of proposals and marketing material
- Ensuring your work is delivered on time and on budget
- Contributing to the development of the existing cybersecurity team by sharing knowledge, leading by example and helping team members to develop.
Educational background & certifications:
- Bachelor degree in Infosec/Computer Science/Computer Engineering/MIS, or equivalent programs.
- An advance degree, such as MBA, Master degree is a plus;
Requirements for Cyber Security Consultant position:
- At least 1 year of work experience in IT risks and Cybersecurity deployment projects
- An understanding of IT risk and security methodologies, best practice and industry standards
- Well communicating and defining the cybersecurity requirements with clients and teams and develop the solutions that meets the client’s expectations.
- Security relation qualifications such as CISA, ISO27001 lead implementer or auditor, CEH, IAPP is preferred Hands-on experience with key components of Cybersecurity including Penetration Testing, Red teaming, Vulnerability management, Network & Infrastructure security, managed detection and response.
- Risk and compliance, security architecture, data protection, privacy, security awareness would be an asset
- Undergraduate in one of the following areas: Information Security, Business Management, Information Systems, Computer Science, Engineering, and other related majors
- Expert knowledge and practical experience with common frameworks, standards and methodologies used such as MITRE, OWASP, NIST Cybersecurity, IS 27001/2.
- Practical experience with conducting penetration tests and executing red team engagements.
- Proven book of business and ability to lead and grow a team.
- Possession/working towards the following certifications: OSCP, OSCE, GPEN, GWAPT
- Familiarity with or knowledge of cybersecurity in Industrial Control Systems and Operational Technology an asset.
Other skills and requirements:
- Good skills in presentation, interpretation, facilitation, team management and other soft skills;
- Strong analytical, critical thinking, research capability and problem solving skills.
- Having solid business consulting skills and be able to work consultatively on a strategic or operational level.
- Significant consulting experience or individuals who have gained project and technology delivery experience within large recognized organizations.
- High degree of experience presenting to customers and industry groups is required.
- Strong interpersonal skills required.
- Demonstrated leadership and relationship-building skills, ability to lead teams of consultant, clients and vendor resources.
- Self-motivated and ambitious with ability to motivate others.
- Take responsibility for your team, your work and your client.
- Be hungry for personal success, learning and promotion.
- Excellent oral and written English communication skills, with the ability to interact effectively with all levels of management.
- Ability to travel both domestically and internationally.