EY Risk Advisor, Technology Consulting - Cyber Security (Cyber Transformation) (Manager) (M.P) in Boston, Massachusetts
Risk Advisor, Technology Consulting - Cyber Security (Cyber Transformation) (Manager) (Multiple Positions), Ernst & Young U.S. LLP, Boston, MA.
Provide advisory services on technology risk and security to help clients protect themselves against cyber attacks by conducting security capability and solutions assessments, delivering information security transformation, designing and implementing GRC technology solutions, performing program risk management, and delivering IT assurance. Enable enterprise clients to make better security and risk decisions, and reduce the cost of managing overall security risk. Work with clients to deliver sustainable, measurable results in transforming information security programs, identifying and responding to cyber threats, managing identity and access effectively and efficiently, and/or mitigating the risk of information loss and addressing privacy regulations. Help enterprises build cyber security models to protect company data against cyber threats. Help clients improve Identity and Access Management (IAM) processes to meet compliance needs and improve operational efficiency. Develop new privacy and data protection strategies to secure information while balancing regulatory requirements with business needs. Plan, implement, upgrade, and monitor security measures for the protection of computer networks and information. Ensure appropriate security controls are in place that will safeguard digital files and electronic infrastructure. Confer with clients to discuss issues such as computer data access needs, security violations, and programming changes. Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
Manage and motivate teams with diverse skills and backgrounds. Consistently deliver quality client services by monitoring progress. Demonstrate in-depth technical capabilities and professional knowledge. Maintain long-term client relationships and networks. Cultivate business development opportunities.
Full time employment, Monday – Friday, 40 hours per week, 8:30 am – 5:30 pm.
Bachelor’s degree in Management Information Systems (MIS), Computer Science, Engineering, Business, Accounting, Finance or a related field and 5 years of progressive, post-baccalaureate combined experience in consulting, advisory, cybersecurity assessment, or auditing. Alternatively, will accept a Master’s degree in Management Information Systems (MIS), Computer Science, Engineering, Business, Accounting, Finance or a related field and 4 years of combined experience in consulting, advisory, cybersecurity assessment, or auditing.
Must have 4 years of experience working in Information Security and/or IT Management.
Must have 4 years of experience in either:
o Strategy, design, development, and/or implementation of Information Security systems, including vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures, and/or governance; or
o Experience in information security regulatory requirements and compliance issues.
Must have 1 year of experience in at least 2 of the following:
o Network management, including TCP/IP and OSI-model security technologies, including firewalls, intrusion detection and intrusion prevention.
o Security Control design and implementation, pre/post go-live support, and training.
o Security and Privacy Information Systems assessments, data analysis, design, architecture, implementation, management, and reporting.
o Security and Risk Standards, including ISO 27001-2, PCI DSS, NIST, ITIL, COBIT, and HITRUST.
o Cloud security architecture, assessment, implementation, and/or operation.
o Product security and connected products security, including Internet of Things (IoT) devices.
o Third party risk management, including use of sensitive data and supply chain security.
Must have 1 year of supervisory experience.
Must be eligible to obtain certification such as CIPP, CIPT, CISA, CISM, CISSP, CRISC, PMP, or similar within 1 year of hire.
Requires travel up to 80%, of which 20% may be international, to serve client needs.
Employer will accept any suitable combination of education, training or experience.
TO APPLY: Please apply on-line at ey.com/en_us/careers, and click on “Find jobs” ( Job Number – 249341).
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.
This particular position at Ernst & Young in the United States requires the qualified candidate to be a "United States worker" as defined by the U.S. Department of Labor regulations at 20 CFR 656.3. You can review this definition at https://www.gpo.gov/fdsys/pkg/CFR-2011-title20-vol3/pdf/CFR-2011-title20-vol3-sec656-3.pdf at the bottom of page 750. Please feel free to apply to other positions that do not require you to be a "U.S. worker".
- EY Jobs