
Job Information
EY CyberArk Engineer in Phoenix, Arizona
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
In a rapidly changing IT environment, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. As a part of our Identity and Access Management (IAM) team you’ll be right at the heart of that goal, helping clients gain insight and context to their complex IAM environments and assessing, improving, and building infrastructure, processes and policies in order to meet the client’s IAM needs. You’ll get to use your technical and business skills in order to help us drive this mission and have an impact on cyber security at a global level.
The opportunity
We currently have a career opportunity for a Manager to be responsible for leading projects or elements of multiple client engagements including service delivery, business development, and related activities.
You’ll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world.
Your key responsibilities
Our IAM services assist our clients in aligning security management strategy with business goals by managing who has access to which resources and services, as well as enforcing business, privacy, and security policies. Supported by our strategic alliances with third-party vendors, our experienced professionals can provide broad services including: strategy, assessment, testing, and implementation of IAM solutions. Based on your existing experience, knowledge and ambitions, you could have the opportunity to gain experience across a number of our IAM teams, assessing and delivering foundational components of our services. Some of these teams include:
Within the Identity analytics & intelligence team, you’ll perform assessments in the following areas:
Current state assessments & Application access assessment
Capability maturity and benchmarking assessments
IAM data analytics
The IAM strategy team is all about developing IAM strategy and road map comprising of:
Operating model and governance
IAM policies, procedures and standards
On our Identity & access transformation team, you’ll provide clients with the following:
Design and architecture
Process design and re-engineering
Cloud and mobile apps access management
Access enforcement implementation
Access administration implementation
Elevated access management
Also you will help support the Identity and access governance team in:
IAM program management assistance & Privileged access management
Roles and rules management
SOD management and other IAM compliance related activities
Skills and attributes for success
At EY, we believe your career is a journey and we are committed to providing you an array of exciting opportunities to help you find the career path that is right for you. In this role, you will have the opportunity to team with a wide variety of clients to deliver professional services and to actively participate in a rapidly growing practice. With each engagement, you can expect to build leadership, communication and client-management skills, as well as sharpen your problem-solving capabilities. EY Security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. If you are interested in “building a more secure and trusted working world,” being part of a dynamic team, serving clients and reaching your full potential, EY Advisory Services is for you. Apply today!
Responsible for understanding and interpreting event discovery and incident response activities
Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting
Supervise tier-1/2 analysts in resolving issues and troubling shooting connection and technology issues
Understanding the “how,” “when,” “where,” and “why” of the incident threat
Perform mitigation activities for current and residual risk
Assist with project planning and identification of mitigation activities
Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
Coordinate and drive efforts among multiple business units during response activities and post-mortem
Proactive monitoring of internal and external-facing environment using specialized security applications
Provide timely, comprehensive and accurate information in both written and verbal communications
Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property
Lead and mentor other staff members on incident response, analysis and tools
Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
Participate in after hours on-call rotation when required
To qualify for the role you must have
Bachelor Degree in Computer Science, Mathematics, Engineering, or other related area of study with 3-5 years of overall IT professional work experience
At least 3 years in Information Security, especially in a security operations and vulnerability discovery OR information operations/incident role
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.
Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen;
Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security;
Competence in using both internal and external ticketing systems for ITIL-based incident, problem and change management.
Experience with utilizing security tools software such as Splunk, LogRhythn, CarbonBlack, Fidelis, and ServiceNow
Ideally, you’ll also have
Additional certifications and training preferred in the following areas: Network Security certifications (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates), Project Management training/certification, and Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification
Ability to mesh sound technical and security practices to problem solving
Detailed knowledge of applicable security tools, technologies, and trends
What we look for
Fundamental understanding of defense-in-depth and intelligence-driven strategies
Working knowledge/experience of network systems, security principles, and applications
What we offer
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to individuals with disabilities. If you are a qualified individual with a disability and either need assistance applying online or need to request an accommodation during the interview process, please call 1-800-EY-HELP3, type Option 2 (HR-related inquiries) and then type Option 1 (HR Shared Services Center), which will route you to EY’s Talent Shared Services Team or email SSC Customer Support at ssc.customersupport@ey.com .