Senior Consultant - Risk - Cyber Security

Ernst & Young

Amman, Jordan

Posted
Ref: NP946-1168

Job description / Role

Cyber Security is one of the most important risks facing businesses today. Systems and processes are becoming increasingly interconnected and automated and many organizations are now reliant upon technology to drive business strategy and growth. Our clients are overwhelmingly turning to EY for help and guidance on how to protect their assets, minimise business disruption and improve security as they continue to exploit technology and the Internet of things (IoT).

The opportunity

At EY we have ambitious plans to expand our already market leading Cybersecurity practice. With investment secured, we continue to build our MENA based cyber practice and anticipate continued growth throughout the next five years. We need excellent people, across all grades, to join us and to be part of our exciting growth strategy . Interested and have what it takes to develop into a market leading expert in a fast evolving and exciting growth area?

Your key responsibilities

As a Senior Consultant in our MENA Cybersecurity practice, you will be working within IT Risk and Security and will have exposure to cyber security assessments and work in teams to deliver security implementations or remediation programmes.

You will have responsibility for;

- Working across a portfolio of cyber engagements with our clients, reporting to a Manager or Senior Manager, responsible for the day to day completion of security assessments or delivering elements of a security transformation programme.
- Working with team members you will create high quality reports, ready for review by a Manager or Senior Manager.
- Where possible, you will identify opportunities for EY to assist our clients further and escalate these potential areas to the engagement manager.
- Working with the engagement manager you will assist with the planning and delivery phases of engagements
- Contributing to the creation of proposals and marketing material

Requirements

Skills and attributes for success

Experience in information and cyber security is essential for this role. A Big 4 background or comparable consulting experience is helpful, although EY will provide ongoing training and support to develop your consulting skills. We therefore welcome applicants with industry experience and skills delivering transformation workstreams, or security remediation work .

A broad background across security and experience in 1 or more of the following areas would be beneficial;

- Security strategy, assessment, designing and implementing security strategy, governance frameworks over processes, controls, organisation & infrastructure to management cyber security
- Security transformation programmes - design & management of security solution implementations and / or remediation programmes
- Identity and access management (IDAM), assessing current IDAM practices and designing solutions to improve JML processes, privileged access and recertification programmes.
- Breach and incident management, design and implementation of breach and major incident management practices
- Security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.
- Data privacy, implementation of data protection / GDPR programmes to address confidentiality and security over customer, employee or patient data.
- Resilience, design and implementation of programmes to improve IT Disaster Recovery, Business Continuity
- Security over operational technology and control systems (SCADA)
- Security architecture - creating secure architecture designs for solutions, designing secure patterns for reuse and the delivery of architectural reviews using TOGAF or SABA.
- Security around emerging technology platforms - mobile device platforms (iOS, Android), cloud services (IaaS, PaaS, SaaS), Big Data, Social media

To qualify for the role you must have

- Security relation qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI, IAPP(desirable)
- Project and programme related qualifications; Prince II, Scrum, Agile

What we look for

Highly motivated, you will be a good communicator with the ability to contribute confidently to technical security discussions with peers and management. You will be a team player who is not only looking to enhance their own career, but recognises the value in working well with others and the value of teamwork

What working at EY offers

We offer a competitive compensation package where you will be rewarded based on your performance and recognised for the value you bring to the business. We also offer:

- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a b etter working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark.

Apply now.

About the Company

EY is a global leader in assurance, tax, transactions and advisory services. Our 167,000 people are united by our shared values, which inspire our people worldwide and guide them to do the right thing, and our commitment to quality, which is embedded in who we are and everything we do.

EY is committed to doing its part in building a better working world for our people, for our clients and for our communities.