Senior Consultant/Assistant Manager, Resilience - Cyber Security

Ernst & Young

Riyadh, Saudi Arabia

Ref: NP946-1459

Job description / Role

Employment: Full Time

Resilience and Cyber Security is one of the most important risks facing businesses today. Organizations resilience capabilities was tested during COVID19 pandemic and organizations are looking for trusted consultants to enhance the capability. Also, as organizations move forward on their digital journey the cybersecurity risk exposure is increasing and there is a huge demand for trusted cybersecurity consultants. Our clients are overwhelmingly turning to EY for help and guidance on how to enhance the resilience and protect their assets, minimise business disruption and improve security.

The opportunity

At EY we have ambitious plans to expand our already market leading Cybersecurity practice. With investment secured, we continue to build our MENA based cyber practice and anticipate continued growth throughout the next five years. We need excellent people, across all grades, to join us and to be part of our exciting growth strategy .

Your key responsibilities

A large part of your role will be engagement delivery and provide support to executives for business development. We'll expect you to lead and deliver resilience and cybersecurity engagements with very minimal supervision. We also expect you to support executives in development of proposals, presentations and other business development activities. You will be responsible for the delivery and quality of the final reports to our clients.

You will have responsibility for

- Delivering business continuity / disaster recovery engagements covering the following activities:
- Current state and gap assessment
- Define the BCM Governance
- Define BIA methodology and perform BIA
- Define TRA methodology and perform TRA
- Development of BC / DR strategy
- Development of BC plans
- Conduct BC/DR exercises
- Delivering cybersecurity engagements including development of cybersecurity strategy, cybersecurity governance, risk and compliance frameworks, development of cybersecurity policies and procedures in line with ISO 27001 and NCA ECC standards
- You will be required to develop work products and presentations in Arabic
- Support the cyber executives with the development of proposals, presentations, etc.
- Championing EY and the cyber security team, helping to attract and retain world-class talent
- Contributing to the latest thought-leadership and industry research relating to cyber security

Your role will broadly constitute circa 80% engagement delivery and 20% business development.

Skills and attributes for success

An existing track record of successful engagement delivery in resilience and cyber security is expected of all candidates for this role. A Big 4 background or comparable consulting experience is highly advantageous. A broad background across resilience and security is expected with specific experience in two or more of the following areas, essential;

- Resilience, design and implementation of programmes to establish Business Continuity / IT Disaster Recovery / Crisis management frameworks
- Security strategy, assessment, designing and implementing security strategy, governance frameworks over processes, controls, organisation and infrastructure to management cyber security
- Security transformation programmes - design and management of security solution implementations and / or remediation programmes to address risks across AV, patching, secure build, vulnerability scanning & remediation, logging and monitoring, segregation, threat management, user awareness
- Security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.
- Data privacy, implementation of data protection / GDPR programmes to address confidentiality and security over customer, employee or patient data.
- Cyber awareness programmes, design and delivery of cyber security awareness programmes to executive level or wider organisation



- Security relation qualifications such as ISO 22301 LI, CBCI / CBCP, CISSP, CISM, ISO27001 lead implementer or auditor, etc.
- Project and programme related qualifications; Prince II, Scrum, Agile

What we look for

You'll need to be highly motivated, a self-starter and a strong communicator with the ability and experience to discuss technical content in business language to board level. You'll also need to be a team player who is not only looking to enhance their own career but recognises the value in developing others and strengthening the team.

What working at EY offers

We offer a competitive compensation package where you will be rewarded based on your performance and recognised for the value you bring to the business. We also offer:

- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you

About EY

As a global leader in assurance, tax, strategy & transactions and consulting services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Build your legacy with us

Apply now.

About the Company

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. Information about how EY collects and uses personal data and a description of the rights individuals have under data protection legislation are available on our site.

The MENA practice of EY has been operating in the region since 1923. For over 95 years, we have grown to over 7,500 people united across 21 offices and 16 countries, sharing the same values and an unwavering commitment to quality. As an organization, we continue to develop outstanding leaders who deliver exceptional services to our clients and who contribute to our communities. We are proud of our accomplishments over the years, reaffirming our position as the largest and most established professional services organization in the region