Advisory Senior Manager – Cybersecurity – Attack & Penetration Testing in Virtual / Travel

Ernst & Young   •  

Virtual / Travel

Industry: Legal & Accounting


8 - 10 years

Posted 56 days ago

ob Summary:

Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging.

Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.

Key Responsibilities:

  • Lead, coordinate large- scale Information Security engagements.
  • Provide both subject matter expertise and project management experience to serve as the "point person" for engagement teams.
  • Work with prospective clients to identify opportunities, scope engagements, and build relationships.
  • Develop and review reports and presentations for both technical and executive audiences.
  • Supervise staff by providing mentorship and coaching to grow their technical and consulting skills.
  • Improve EY's business processes and incident response methodologies.
  • Routine line management and leadership of staff within the Information Security Management function.
  • Leadership and strategic direction for the function, ranging from planning and budgeting to motivational and promotional activities expounding the value of information security.
  • Liaison with and offers strategic direction to related governance functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies.
  • Recruitment, leadership and direction for a loose network of information security ambassadors distributed throughout the organization.
  • Leads the design, implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable.
  • Forms a "centre of excellence" for information security management, for example offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization and promoting the commercial advantages of managing information security risks more efficiently and effectively.
  • Leads or commissions the preparation and authorizes the implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Security Committee.
  • Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
  • Leads or commissions suitable information security awareness, training and educational activities.
  • Leads or commissions information security risk assessments and controls selection activities.
  • Leads or commissions activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties.

To qualify, candidates must have:

  • Bachelor's degree and a minimum of 7 years of related work experience, or a Master's degree and minimum 6 years of related work experience in the fields of Computer Science, Information Systems, Engineering, Business or related major.
  • Supervisory experience and demonstrated leadership capabilities required.
  • Prior Big 4 or other relevant consulting experience required.
  • Experience developing new business and meeting revenue targets required.
  • Demonstrated characteristics of a forward thinker and self- motivator who thrives on new challenges and adapts to learning new knowledge.
  • Strong analytical and problem- solving skills.
  • A military/government background is a plus.
  • Prior Big 4 or other relevant consulting experiences a plus.
  • Able to work collaboratively in a team environment.
  • A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated 80% travel required.
  • The successful candidate must hold professional certifications such as the CISSP or equivalent.

Valid Through: 2019-11-12