Ey- cyber security - srcr cyber program transformation - technology consulting - manager:
as part of our ey strategy, risk, compliance and resilience (src&r) technology consulting team, you would develop, deliver, and lead cybersecurity, maturity assessment engagements and internal projects as well, across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for ey and gds within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior management. In line with ey’s commitment to quality, you’ll confirm that work is of the highest quality as per ey’s quality standards. You’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
The opportunity:
we’re looking for manager with an in-depth experience and deep technical understanding of various cyber security domains(strategy, governance, resilience, third party security, supply chain risk management, physical security, cloud security etc.), risk, and controls concepts along with various industry standards and frameworks like - unified compliance framework, iso27k, nist csf, pci- dss, gdpr etc. to perform various cyber maturity assessments.
This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. In line with ey’s commitment to quality, you’ll confirm that work is of the highest quality as per ey’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Your key responsibilities:
- help the firm identify cyber program accelerator (cpa) and cyber transformation opportunities and develop business across the ey globe.
- demonstrated consulting skills (client service orientation, conflict resolution, project management, etc.) and responding to rfps and questions pertaining to cpa and cyber transformation.
- ensure deliver of quality client services. Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes across all the engagements being led.
- demonstrate capability to manage client expectations and build strong relationships with clients and internal stakeholders
- ensure the end to end delivery of cyber maturity assessment engagements, which involves performing security assessments for various global clients
- ability to guide senior consultant in assessing client’s current state of cyber maturity through workshops/interviews with client stakeholders against various global standards and frameworks like unified compliance framework, iso27k, nist, pci-dss, gdpr etc. and understand the client’s overall cyber security posture
- guide senior consultants in conducting a risk analysis and assessment of client’s provided information and document request and follow up accordingly if needed. Must be able to identify whether additional information should be obtained from the client
- defining appropriate maturity scoring based on the defined guidance either by ey standards and/or industry standards
- ensure the final deliverables and outcomes of maturity assessments are prepared with expected quality based on the assessment outcomes for clients and help build strategy/roadmap on how clients can achieve defined maturity state to strengthen their cyber security posture
- train and upskill current and incoming resources who will be part of the cpa program to help bolster the team’s availability for future engagements
- contribute to people-related initiatives, including development, coaching, recruiting, training, and retaining staff
skills and attributes for success:
- must be able to work as an individual contributor, be able to independently work around the client by scheduling meetings, collaborative interviews and coordinating with various stakeholders for follow up session
- must be flexible and be able to operate in different work schedules depending on the time zone of the client you will be supporting
- experience with global standards and frameworks like unified compliance framework iso27k, gdpr, pci dss, nist etc.
- experience in one or more of the following areas:
cybersecurity assessments
it and cybersecurity policies, standards, procedures and controls
security strategies and roadmaps
cybersecurity awareness and training
cybersecurity metrics and reporting
cybersecurity organization design and implementation
to qualify for the role, you must have:
- at least 10+ years of overall experience in cybersecurity strategy, risk, compliance and resilience experience
- bachelor or college degree in related field or equivalent work experience
- strong powerpoint skil