Manager & Senior Consultant - Information Security
Information Security - Manager & Senior Consultant
EY is recognised as a leading independent provider of technology, security and risk advisory services, supporting organisations to address the challenges of governance, transformation, regulatory compliance and maximising value for money.
The Information Security (IS) team is a global team of over 1000 professionals focused on delivering leading edge information security assessment, implementation and monitoring solutions to our clients.
The UK IS team in the UK comprises at least 50 practitioners with diverse backgrounds, all demonstrating capabilities to work effectively with our clients on IS issues, assessing current status, designing security solutions that manage risk, implementation of IS solutions and monitoring IS to provide assurance that what was designed has been delivered.
For the team, that means being able to apply good IS risk management principles across many varied parts of an organsiation (people, process and technology) to provide pragmatic solutions to our clients that will improved the delivery of information security in an effective and sustainable way.
In response to strong market demand, and to support the on-going growth of our IS team, we are seeking additional individuals to enhance our existing team, with experience of all aspects of information security, including cyber security assessment, risk analysis, design and architecture, privacy, security operations and business continuity. This is a fantastic opportunity to contribute to the future growth of our practice and work with a broad range of clients across a number of different sectors.
The role will involve working with a variety of clients and industries, and you will be working alongside practitioners from across EY, on a variety of Process Improvement and Information Security projects. As an ambassador for the IS team, you will need to build a strong network internally and be able to exceed our clients' high expectations. You will therefore be highly motivated, and be a strong communicator. Experience of a consulting environment would be beneficial.
We are seeking high performing individuals who have been recognised for exceeding expectations, candidates should be willing to take on a challenge and be able to use their initiative with minimal support.
Qualifications/skills you'll need as an Information Security Professional:
Knowledge & Skill requirement:
The candidate will require significant experience in information security across such areas as:
- Risk management methods and techniques.
- Potential process and technology vulnerabilities and detailed understanding of the security mechanisms that can potentially be deployed to reduce risk to an acceptable level.
Specific focus areas include:
- Cyber security
- IS assessment
- IS architecture
- IS risk assessment
- IS governance schemes (ISO 27001)
- IS operations
- IT Disaster Recovery
- Business Continuity Management
There is a high degree of variety in the work, so the ability to be flexible and adaptable is key.
Our work covers a number of sectors, the main ones being
Oil & Gas, Energy.
Consumer Products and Pharma industries.
Whatever the industry and focus for our assignments, the expectation is for technical excellence, combined with strong commercial understanding.
Information Security Senior Consultants work with clients as a business advisor, this involves working with senior client management teams from within business operations, information security and IT to:
- Assess risks, using recognised sources of threat intelligence as well as business impact assessments
- Assess management of information security , covering people, physical, process and technology aspects
- Advise on and, where required, manage the transformation and improvement of information security in a client organisation
- Advise on and implement performance management and assurance frameworks for information security.
You will be expected to have some business development capability, being able to demonstrate some limited success in the development of client business relationships and support of the selling of security services to clients and targets.
Specific responsibilities include:
- Planning and delivery of information security engagements
- Writing client reports
- Review and quality assurance of client deliverables
- Engagement assurance and commercial risk management
- Managing and mentoring junior engagement team members.
In addition to engagement-specific responsibilities, you will form part of the IS team, and make a proactive contribution to areas such as learning and development, knowledge sharing, current technologies, methodologies and the ongoing expansion of the team.
Who we are
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.