Skip to content

Cyber SRCR Consultant-Senior for EY Global Delivery Services in Miguel Hidalgo, MX (salary not disclosed) UCF

EY- Cyber Security - SRCR Cyber Program Transformation – Technology Consulting – Senior:

Jody M.

EY- Cyber Security - SRCR Cyber Program Transformation – Technology Consulting – Senior:

As part of our EY-Cyber security in the Technology Consulting team, you’ll contribute technically to Cyber Security client engagements across the globe and internal. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. 
The opportunity:

We’re looking for Senior Security Consultant who should have deep technical understanding of cyber security, risk, and controls concepts along with various industry standards and frameworks like - Unified Compliance Framework, ISO27001, NIST CSF, PCI- DSS, GDPR etc. to perform various Cyber maturity assessments.

Your key responsibilities:

•    Ensure the end-to-end delivery of Cyber Maturity Assessment and Cyber transformation engagements, which involves performing security assessments for various global clients 
•    Assess the client’s current state of cyber maturity against Unified Compliance framework, ISO27K, NIST, PCI-DSS, GDPR, etc., through workshops/interviews with client stakeholders and understand the client’s overall cyber security posture and current state of maturity
•    Conducting a risk analysis and assessment of client’s provided information and document request and follow up accordingly if needed. Must be able to identify whether additional information should be obtained from the client    
•    Defining appropriate risk ratings/risk scoring based on the defined maturity guidance either by EY standards and/or industry standards
•    Must be able to provide appropriate rationale for each rating or scoring deemed to the client and/or third party based on the assessment and interaction with key stakeholders
•    Work effectively as a team member, sharing responsibility, providing support, maintaining communication, updating senior team members on progress, and providing recommendations based on observations from the assessment
•    Post the result of the identifying non-conformities and defined maturity scoring, team member must be able to define/develop strategy and roadmap needed that will help the client reach new goals in attaining the appropriate maturity level
•    Prepare final deliverables based on the assessment outcomes for clients and third parties—current state observation, identified risks, recommendations, maturity scoring, and building a strategy/roadmap on how clients can achieve a defined maturity state to strengthen their cyber security posture.

Skills and attributes for success:

•    Knowledge of the current security environment and industry trends to identify engagement and client service issues, communicate this information to the engagement team and client management through written correspondence and verbal presentations 
•    Ideal candidate for the role is someone who has experience in performing end-to-end security assessments, identifying gaps, defining future state
•    Experience with global standards and frameworks like unified compliance framework ISO27K, GDPR, PCI DSS, NIST, etc.
•    Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors.
•    Must be able to work as an individual contributor, be able to independently work around the client by scheduling meetings, collaborative interviews, and coordinating with various stakeholders for follow-up session

Experience in one or more of the following areas: 
­     Cybersecurity  assessments 
­     IT and cybersecurity  policies, standards, procedures and controls 
­     Security strategies and roadmaps 
­     Cybersecurity  awareness and training 
­     Cybersecurity  metrics and reporting 
­     Cybersecurity  organization design and implementation                                                                                                                                                                                                      Must be flexible and be able to operate in different work schedules depending on the time zone of the client you will be supporting

To qualify for the role, you must have:

•    At least 6+ years of overall experience in Cybersecurity Strategy, Risk, Compliance and Resilience experience 
•    Bachelor or college degree in related field or equivalent work experience
•    Strong Excel and PowerPoint skills

Ideally, you’ll also have:

•    CISSP, CISA, CISM
•    ISO 27001 Lead Auditor and Lead Implementer
•    Project management skills.

For more info.: Click Here