Cyber Transformation Consultant through Senior Consultant (42 / 1-4) Job purpose : Security Consultant / Senior Security Consultant in the Risk Advisory team to work on various Cyber Transformation projects for our customers across the globe.
An important part of your role will be to actively establish, maintain and strengthen internal and external relationships.
You’ll also identify potential business opportunities for EY and GTH within existing engagements, and escalate these as appropriate.
Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.
In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-
level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Your client responsibilities :
Engage in Cyber Transformation projects
Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
Execute the engagement requirements, along with review of work by junior team members
Help prepare reports and schedules that will be delivered to clients and other parties
Develop and maintain productive working relationships with client personnel
Build strong internal relationships within EY Advisory Services and with other services across the organization
Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals
Maintain an educational program to continually develop personal skills of staff
Understand and follow workplace policies and procedures
Your people responsibilities :
Building a quality culture at GTH
Help senior team members in performance reviews and contribute to performance feedback for staff / junior level team members
Manage the performance management for the direct reportees, as per the organization policies
Foster teamwork and lead by example
Training and mentoring of project resources
Participating in the organization-wide people initiatives
Excellent leadership skills
Mandatory skills :
Strong knowledge of cyber / information security concepts, risk and controls concepts
Strong knowledge of standards such as ISO 27001 / 2, ISO 22301, ISO 27018, PCI DSS, NIST standards on Cyber Security, HITRUST, etc.
Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
Good knowledge of TCP / IP, concepts of OSI layer and protocols, networking and security concepts
Good knowledge of OS (Windows / Linux) security, Database security
Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus
Familiar with OWASP and Secure SDLC standards / frameworks
Good knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.)
Good knowledge of Security architecture design and review
Knowledge on reviewing firewall rulesets
Experience in LAN / WAN architectures and reviews
Governance and reporting
Good knowledge of cyber threats and vulnerabilities related to platform and infrastructure
Knowledge of vulnerability management
Basic knowledge of encryption
Knowledge of creation of cyber policies and procedures
Graduates / BE - B. Tech / MCA / M. Sc. (Stats, Maths, Computer Science) / MBA with background in computer science and programming with 3 7 years of relevant work experience
CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer
Excellent business communication skills
Preferred skills :
Security operations (SOC, SIEM) skills in assessment, design, architecture, management and reporting
Knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.)
Basic knowledge of incident management
Knowledge on Privacy
Deep domain experience in a specific sector
Prior Client facing experience