Senior Consultant, Cyber Security, Manchester
Want to be part of a market leading Cyber Practice?
Cyber Security is one of the most important risks facing businesses today. As the reliance on technology grows, the risks increase also. Cyber Security is now a critical board agenda item. Our clients are overwhelmingly turning to EY for help and guidance on how to protect their assets, minimise business disruption and improve security as they continue to exploit technology and the Internet of things (IoT). The opportunity
At EY, we have large scale plans to expand our already market leading Cyber Security practice and anticipate continued growth throughout the next five years. We need excellent people to join us and be part of our exciting growth strategy .
Being part of a dynamic, growing organisation offers an exciting career path full of opportunity. EY's UK Cyber Practice is part of a global cyber team of over 1600 professionals focused on delivering cutting edge information security assessment, security transformation programmes, cyber threat management, identity and access management, data protection and privacy, and resilience services. We are part of a wider advisory organisation that collectively comprise a $7.5 billion and growing global advisory practice with 50,000 professionals. With an overall global Advisory market of $150 billion, there's tremendous potential for growth - and we're prepared to tap into that potential. Your key responsibilities
As a Consultant or Senior Consultant in our UK Cyber Security practice, you will be working within IT Risk and Security and will have exposure to Cyber Security assessments and work in teams to deliver security implementations or remediation programmes. We don't expect you to have formal experience of market facing business development activity but you will be expected to be able to identify opportunities where policies, procedures, or process require improvement to strengthen security.
You will have responsibility for:
· Working across a portfolio of cyber engagements with our clients, reporting to a Manager or Senior Manager, responsible for the day to day completion of security assessments or delivering elements of a security transformation programme
· Working with team members, you will create high quality reports, ready for Manager or Senior Manager review
· Where possible, you will identify opportunities for EY to assist our clients further and escalate these potential areas to the engagement manager
· Establishing and building a network of contacts across EY and peer networks within our clients
· Assisting the engagement manager with the planning and delivery phases of engagements
· Contributing to the creation of proposals and marketing material
· Ensuring your work is delivered on time and on budget
· Contributing to the development of the existing Cyber Security team by sharing knowledge, setting an example, and helping team members to develop. Skills and attributes for success
A broad background across security and experience in 1 or more of the following areas would be beneficial:
· Security strategy, assessment, and design and implementation
· Governance frameworks over processes, controls, organisation and infrastructure
· Security transformation programmes - design and management of security solution implementations and/or remediation programmes to address risks across AV, patching, secure build, vulnerability scanning & remediation, logging and monitoring, segregation, threat management, user awareness
· Identity and access management (IDAM), assessing current IDAM practices and designing solutions to improve JML processes, privileged access and recertification programmes
· Breach and incident management, design and implementation of breach and major incident management practices
· Security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.
· Data privacy, implementation of data protection / GDPR programmes to address confidentiality and security over customer, employee or patient data.
· Resilience, design, and implementation of programmes to improve IT Disaster Recovery, Business Continuity
· Cyber awareness programmes, design and delivery of Cyber Security awareness programmes to executive level or wider organisation
· Security over operational technology and control systems (SCADA)
· Experience in working with Internet of Things solutions, working with clients to implement security within these environments
· Experience in working within agile development environments to embed security successfully into systems prior to product / production release
· Security architecture - creating secure architecture designs for solutions, designing secure patterns for reuse and the delivery of architectural reviews using TOGAF or SABA
· Security around emerging technology platforms - mobile device platforms (iOS, Android), cloud services (IaaS, PaaS, SaaS), Big Data, Social media
Highly motivated, you will be a good communicator with the ability to contribute assuredly to technical security discussions with peers and management. You will be a team player who is not only looking to enhance their own career, but recognises the value in working well with others and the value of teamwork. To qualify for the role you must have
· Experience in information and Cyber Security is essential for this role.
· Strong academic record, to degree level or equivalent industry experience
· Project and programme related qualifications; Prince II, Scrum, Agile
· Security relation qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI, IAPP Ideally, you'll also have
A Big 4 background or comparable management consulting experience is helpful, although EY will provide ongoing training and support to develop your consulting skills. We welcome applicants with industry experience and skills delivering transformation workstreams or security remediation work. What we look for
Highly motivated, a good communicator you will need to convey technical content in business language with senior management. You'll also need to be a team player who is not only looking to enhance their own career, but recognises the value in developing others and strengthening the team. Core consulting skills -
Advanced data & evidence management, client management on remediation programmes, driving innovation & continuous improvement Technical skills -
Strong technical insight, practical knowledge & capability in your specialist capability Versatility -
Proven ability to adapt and learn in an innovative environment What working at EY offers
We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. About EY
As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.