EY Cybersecurity Senior Manager - Attack Surface Management - Open Location in Rochester, New York
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
In a rapidly changing IT environment, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. As a part of our Cybersecurity team you’ll be right at the heart of that goal, helping clients gain insight and context to their complex environments and assessing, improving, and building infrastructure, processes and policies to meet the client’s cybersecurity needs. You’ll get to use your technical and business skills to help us drive this mission and have an impact on cybersecurity at a global level.
*The opportunity *
We currently have a career opportunity for a Senior Manager to be responsible for leading projects or elements of multiple client engagements including service delivery, business development, and related activities.
You’ll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world.
*Your key responsibilities *
Our cybersecurity services assist our clients in aligning security management strategy with business goals. With a focus on cloud security and security architecture, you will serve in a key role of leading technical discussions, guiding the development of strategic and tactical security architecture efforts, designing and driving implementations to completion, and function overall as a technical security leader for traditional (i.e. on-premises) and evolving (i.e. cloud-based) security architectures.
*Skills and attributes for success *
Effectively lead and motivate client engagement teams and provide technical leadership in the assessment, design, and implementation of security and IT risk solutions, as well as overall engagement success with the client
Foster an innovative and inclusive team-oriented work environment, including playing an active role in counselling and mentoring senior consultants and managers within the firm
Knowledge of the current IT environment and industry trends to identify engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations, including staying abreast of current business and industry trends relevant to the client's business
Knowledge of cloud delivery, security and deployment models for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) offerings
Knowledge of key cloud security standards (e.g., NIST, CIS, ISO, CSA STAR)
Knowledge of good industry practice in tiered security architecture design
Consistently deliver quality client services by driving high-quality work products within expected timeframes and on budget, monitoring progress, managing risk, ensuring key stakeholders are kept informed about progress and expected outcomes, and driving forward efforts around business development opportunities
Ability to document reference architectures, network schematics, blueprints, patterns, and other types of architectural documentation
To qualify for the role you must have
A bachelor's degree in a related field and approximately seven (7) years of related work experience; a graduate degree and approximately six (6) years of related work experience; or no degree and twelve or more (12+) years of related work experience
Experience in one or more of the following:
Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)
Providing security review of network and system architecture designs
Operating as an IT architect or security architect within complex projects
Technical knowledge in some of the following domains in a cloud or on-premise context: routing/switching, stateful or next gen firewalls (NGFW), distributed denial of service (DDoS) mitigation, web application firewalls, intrusion detection / prevention systems (IDS/IPS), network segregation, security information and event management (SIEM), deceptive technologies, and other threat and vulnerability management capabilities
Creating or securing cloud solutions for some of the following cloud / cloud security technologies: identity and access management (IAM), two-factor authentication (2FA), SIEM, public key infrastructure (PKI), network security, firewalls, IDS/IPS, anti-malware, email security, web content filtering, DDoS mitigation, endpoint detection & response, patch management, configuration management, data loss protection (DLP), application security, and other relevant cloud / cloud security technologies
Experience in process definition, workflow design, and process mapping
A valid driver's license in the US and a valid passport required; willingness and ability to travel internationally and a willingness to travel; travel is estimated at 60-80%
Ideally, you’ll also have
Strong presentation and communication skills and ability to speak with director and VP levels
Relevant security certifications (e.g., CISSP, CISM)
Relevant cloud certifications (e.g., AWS, GCP, Azure)
*What we look for *
We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your broad exposure across cloud security and security architecture, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us, but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you. CyberFY22
What we offer
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.