TC-CS-DPP-Big Fix-Senior

EY- Cyber Security (DPP)- EKM Consulting Senior

As part of our EY-Cyber security the EKM Team owns the Public Key Infrastructure (PKI), and is responsible for certificate lifecycle management, distribution, and key management. The deployed solutions have various integrations from provisioning certs & keys to protect data at rest and in-transit, to signing code binaries, etc.

The Lead Info Security engineer will be a part of a team of subject matter experts to facilitate protection of data at rest, in-transit, or in-use by providing systems of processes, technologies, and policies.

The opportunity

We're looking for Security Analyst in the Risk Consulting team to work on various privacy/data protection related projects for our customers across the globe. In line with EY's commitment to quality, consultant shall confirm that work is of the highest quality as per EY's quality standards and is reviewed by the next-level reviewer. As an influential member of the team, consultant shall help to create a positive learning culture, coach and counsel junior team members and help them to develop.

Your key responsibilities

• Security engineer will be responsible for designing, developing, integrating and deploying encryption and key management solutions both on-prem and cloud.
• Security engineer will define business/technical strategy that reduces the risk and improves the overall security posture of our applications, platforms and infrastructure.
• Collaborate with stakeholders at all levels to understand the security needs and create/prioritize the roadmap accordingly.
• Ensure projects are completed on time, within budget, and with high quality.
• Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
• Develop runbooks, SOP, troubleshooting guides
• Continuously validate the team's products/solutions against policies, guidelines, procedures, regulations/laws to ensure compliance.
• Supporting the client's team by acting as an interim team member (e.g. security officer, security manager, security analyst.)
• Skills and attributes for success
• Should be a good team player.
• Excellent verbal and written communication skill.
• Proficient Documentation and Power Point skills
• Good social, communication and technical writing skills
• Should interface with internal and external clients.
• Strong analytical/problem solving skills.
• Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.
• Should understand and follow workplace policies and procedures.
• Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

To qualify for the role, you must have

• Bachelor's or master's degree in Computer Science, Information Systems, Engineering or a related field.
• At least 7 + years of experience in Information Security
• At least 5+ years of relevant experience
• Subject matter expertise in PKI, CLM, HSM
• Excellent scripting skills
• Experience with developing SOP, runbooks, CP/CPS
• 7+ years of technical experience with a combination of 2 or more services (CLM, KMS, and PKI)
• 5+ years of experience with both Linux and Windows systems
• Strong scripting skills
• 2+ years of working experience in cloud technologies such as AWS, Azure, and Google Cloud Platform
• Venafi, AppViewX CERT+, Luna HSM, Fortanix DSM, MS-PKI, Sectigo
• 3+ years of experience in writing requirements for security technologies
• Maintain current data protection and privacy expertise, skills and competences.
• Ability to independently research and solve technical issues.
• Demonstrated integrity in a professional environment.
• Knowledge of core Information Security concepts related to Governance, Risk & Compliance.
• Ability to work in and adapt to a changing environment.
• Extend required support for any reported data protection and privacy incidents such as information breaches and leakages.
• Ability to communicate in a clear and concise manner.

Ideally, you'll also have

• Data tokenization/Data Masking
• Proven experience leading high performing technical teams
• Security certifications such as CISSP, CISM, CRISC, AWS, Azure, SANS, etc.
• Ability to provide strong customer service.
• To expect some weekend work and 20%-30% travel based on job requirement.

What we look for

• A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
• An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.
• Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries