We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging.
Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
- Effectively lead and motivate client engagement teams and provide technical leadership in the assessment, design, and implementation of software security and IT risk solutions.
- Generate new business opportunities by participating in market facing activities and developing thought leadership materials.
- Understand EY and its service lines. Actively encourage team members to contribute ideas and identify opportunities to introduce EY services.
- Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services.
- Foster an innovative and inclusive team- oriented work environment. Play an active role in counseling and mentoring junior Cybersecurity team members.
- Consistently deliver quality client services. Drive high- quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
- Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business.
- Foster relationships with client personnel to analyze, evaluate, and enhance information systems to develop and improve security at procedural and technological levels.
- Assist with cultivating and managing business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients.
To qualify, candidates must have:
- Bachelor's degree and a minimum of 5 years of related work experience, or a Master's degree and approximately 4 years of related work experience in the fields of Computer Science, Information Systems, Engineering, Business or related major.
- A minimum of 4 years of related work experience writing enterprise security standards, policies, and coding guidelines.
- Experience conducting application security vulnerability assessments and attacks including creation of proof- of- concept exploits.
- Experience with tools such as Fortify, AppScan, WebInspect, Burp, ZAP.
- Demonstrated experience with enterprise application development in one or more of the common development platforms: Java/J2EE, .NET/C#, C/C++, PHP, Python, or Flash.
- Demonstrated experience in Cybersecurity strategic planning, architecture migration strategies, or security engineering strategy.
- Knowledge of networking and system- level concepts such as web application architecture, REST APIs, SOAP, jQuery, AJAX, message oriented architecture.
- Experience performing application architecture threat modeling and risk assessments.
- Demonstrated experience in key Information Security domains such as identity, access management, and cryptography.
- Enterprise experience with application development for mobile platforms such as iOS, or usage of mobile frameworks such as Kony or PhoneGap is a plus.
- Understanding of best practice methodologies in application security including OWASP and mobile.
- Deep understanding of development methodologies such as waterfall, agile, and continuous integration.
- Ability to examine issues both strategically and analytically.
- Strong communication skills with demonstrated ability to interact with senior management, technical SMEs, business partners, and influence decisions.
- Ability to work on multiple, simultaneous initiatives.
- Prior Big 4 or other relevant consulting experiences a plus.
- A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated 80% travel required.
- The successful candidate must hold or be willing to pursue related professional certifications such as the CISM, GIAC, Open Group Certified Architect, CEH, CISSP, or equivalent.