Business Security Consultant
Ernst & Young Global Limited
Wrocław, All, Poland
‎11 godz. temu

About EY GDS :

EY Global Delivery Services means 31.000 specialists providing globally IT, HR, finance, project management and strategic business services to EY member firms.

In addition we deliver support and solutions to clients from all over the world. .

EY GDS Technology :

Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently.

We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day.

Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients.

Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.

EYTechnology supports ourtechnology needs through three business units :

ClientTechnology (CT) - focuses on developing new technology services for ourclients. It enables EY to identifynew technology-based opportunities faster, and pursue those opportunities morerapidly.

EnterpriseWorkplace Technology (EWT) EWT supports our Core Business Servicesfunctions and will deliver fit-for-purpose technology infrastructure at thecheapest possible cost for quality services.

EWT will also support our internaltechnology needs by focusing on a better user experience.

Information Security (Info Sec) - Info Sec prevents, detects, responds andmitigates cyber-risk, protecting EY and client data, and our informationmanagement systems.

The opportunity : The Security Consultant reports to Deputy CISO for Client Technology in a hands-on role focused on the security architecture and design for applications processes sensitive data and providing critical business services.

The architect works directly with Architects, Developers, IAM engineers and other resources through collaboration and mentoring to deliver business solutions.

The Security Consultant’s role is a technical position which will support the development of security strategies and architecture vision as it relates to the design, build, deployment and operation of business applications and related infrastructure in support of Firm growth strategy

Your keyresponsibilities

This position is an individual contributor capable ofsupporting multiple project teams in the design, implementation andcertification of security controls across IT systems.

This requires knowledge of various IT systemarchitecture and Cloud technology, as well as supporting technology such asIAM, network security, firewalls, user account management, audit and logging,and other security concepts as outlined in ISO27001, OWASP and related securitystandards.

Also, should have knowledgeof 3rd Party security assessments and applicability of SOC1 and SOC2reports and concepts of vendor risk management.

Skillsand attributes for success

Significant working security experience and knowledge inthe design, implementation and operation of security controls in the followingareas :

  • Agile & DevOps Methodologies Experience as acontributing member of a balanced team within an Agile development or DevOpsenvironment.
  • Application Security - Experience with the design ofsecurity controls for multi-tier business solutions including the design ofapplication-level access and entitlement management, data tenancy andisolation, encryption, and logging.
  • Working familiarity with REST API andmicroservices architecture.

  • Cloud Security Technical understanding of virtualization, cloud infrastructure, and publiccloud offerings and experience designing security configuration and controlswithin cloud based solutions in Microsoft Azure and Azure PAAS services
  • Infrastructure Security Experience with the integrationof common infrastructure security technologies and solutions into businesssolution architectures including the integration of identity & accessmanagement, intrusion detection and prevention, security monitoring, and dataencryption solutions.
  • Identity and Access Management - Active Directory basedIdentity and Access Management and Authorization design experience andintegration with IDaaS and Federation technologies.
  • Toqualify for the role, you must have

    Direct knowledge of various ITsystem architecture concepts and Cloud technology, as well as supportingtechnology such as IAM, network security, firewalls, user account management,audit and logging, and other security concepts as outlined in ISO27001, OWASPand related security standards.

    Advanceddegree in Computer Science or a related discipline; or equivalent workexperience. CISSP, CISM, or similarcertifications preferred.

    Strongcommunication skills and ability to work with stakeholders ranging fromdevelopers to architects to business leaders

    Ideally,you’ll also have

    Although not required, it is preferred that candidatespossess additional working security experience and knowledge in one or more ofthe following areas :

  • Operational Security Experience with definingoperational models and procedures for business solutions including theoperation and maintenance of infrastructure and application security controls.
  • Information Security Standards Knowledge of commoninformation security standards such as : ISO 27001 / 27002, NIST CSF, FEDRAMP, CSAand CIS Controls.
  • Product Management working with a broader business team on aspects of security that affect allphases from concept to design to implementation and then operational support.
  • Whatwe look for

    We are looking forindividuals with a passion for information security and demonstrated ability toapply their knowledge to new and emerging technologies that are supporting thegrowth strategy of a global professional services firm.

    Whatworking at EY offers

    We offer a competitive remuneration package whereyou’ll be rewarded for your individual and team performance. Our comprehensiveTotal Rewards package includes support for flexible working and careerdevelopment, and with FlexEY you can select benefits that suit your needs,covering holidays, health and well-being, insurance, savings and a wide rangeof discounts, offers and promotions. Plus, we offer :

    Support, coaching and feedbackfrom some of the most engaging colleagues around

    Opportunities to develop newskills and progress your career

    The freedom and flexibility tohandle your role in a way that’s right for you

    If you can confidently demonstrate that you meet thecriteria above, please contact us as soon as possible. Apply now to make yourmark.

    Dodaj do ulubionych
    Usuń z ulubionych
    Mój adres email
    Klikając przycisk "Kontynuuj", wyrażam zgodę neuvoo na przetwarzanie moich danych i wysyłanie powiadomień e-mailem, zgodnie z zasadami przedstawionymi przez neuvoo. W każdej chwili mogę wycofać moją zgodę lub zrezygnować z subskrypcji.
    Formularz wniosku