EY Technology Consulting – Cyber Security Consultant(北京&济南) in Beijing, China
Technology Consulting – Cyber Security Consultant(北京&济南)
Requisition # BEI001T7
Post Date 4 days ago
Consulting – Cyber Security Consultant(北京&济南)
Excellent career opportunity with Ernst & Young:
Ernst & Youngis one of the leading global professional services organizations with 268,000 staff around the world. We are proud of our people culture which we believe sets us apart in the profession. Ernst & Young helps you achieve your best by providing great learning and career growth opportunities, by offering ways to help you achieve satisfaction in work and life, and by looking at each decision with a keen eye toward how it will affect you.
Cyber Securitys engagements focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. Engagements may be either assurance (attestation) and/or risk advisory in nature, and vary considerably in size and complexity. All of our Security services, whether assurance or advisory in nature, are designed for the dual purpose of strengthening internal controls and helping our clients improve IT and business performance
Collaborate with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments, and other planning documents. Work with the engagement team to document the business processes dependent on information technology. Serve as a fieldwork leader by directing the daily progress of fieldwork, informing supervisors of engagement status, and managing staff performance;
Demonstrate and apply a thorough understanding of complex information systems. Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations;
Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services;
Demonstrate expert ability to identify and analyze business and user requirements, develop, present and demonstrate professional solutions to prospective customers based on detailed customer requirements;
Prepare and conduct proposal presentations, demonstrations and participate in marketing and promotional activities (workshop, seminar, training and speech etc.);
Perform planned and ad-hoc security reviews to ensure compliance with existing policies;
Lead team to provide information security advisory services on risks and security best practice.
University graduates in Information Systems / Computer Science and Accounting
A minimum of 13 years of relevant experience with reputable international accounting firms; or experience in IT operations, holding ITIL and/or ISO20000 certificate; or experience in initiating, maintaining and monitoring information security policies, processes and procedures in enterprise according to ISO 17799/27701 and conducting information security risk assessment and treatment programs.
Strong interpersonal and organizational skills
IT 咨询： IT 规划（网络，基础架构，数据和应用规划）， IT 流程管理 （IT管理体系， ITIL）
IT风险： IT风险管理， 信息安全 （安全规划，安全技术， 数据安全， 应用和网络安全，云安全等）
业务安全/渗透测试/安全产品，(WAF/TD)日志做全面分析/应急响应/Data Security/Cloud Security/penetration testing/vulnerability management/incident response/jave, python, docker/OWASP10
熟悉主流SOC，SIEM平台包含Splunk，LogRhythm, McAfee, ArcSight等
Data loss prevention (DLP)
Security operation center (SOC)