EY Advisory Manager – Cybersecurity – Emerging Technologies in Seattle, Washington

Advisory Manager – Cybersecurity – Emerging Technologies


Requisition # UNI00BVX

Post Date Jan 09, 2019

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Job Summary:

EY’s CyberSecurity team helps clients create solutions that combine hardware, software, and services to normalize, aggregate, correlate, and visualize data from disparate security products. Our professionals assist organizations in minimizing complexities associated with managing vast amounts of security event data while maximizing control over the security infrastructure. Services include:

  • Security strategy - Assess, design and implement a security strategy and governance program framework that describes the process, controls, organization and infrastructure to manage information security related concerns

  • Security implementation - Design, implement and integrate security solutions to address enterprise risks and exposures

  • Security governance - Design and implement security policies, procedures and standards that describe pragmatic, risk- based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein

  • Security monitoring - Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure

We currently are seeking a highly motivated Manager to participate in and lead client engagement teams, work with clients to deliver professional services, and support business development activities on strategic and global priority accounts

The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - EY Advisory Services is for you!.

Key Responsibilities:

  • Effectively lead and motivate client engagement teams and provide technical leadership on a broad range of projects including technical security assessments, planning and implementing enterprise security capabilities and processes, and developing information security strategy

  • Manage, coordinate, plan and deliver IT Risk Transformation Services projects which include GRC program design, performing current state assessments, future state design, GRC process re- engineering and enhancements, GRC tool and technology implementation, risk assessments, risk metrics and dashboarding, risk convergence, IT risk and control framework design, and integrated operational risk management projects

  • Generate new business opportunities by participating in market facing activities and developing thought leadership materials. Understand EY and its service lines. Actively encourage team members to contribute ideas and identify opportunities to introduce EY services

  • Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and service

  • Foster an innovative and inclusive team- oriented work environment. Play an active role in counselling and mentoring junior consultants within the firm. Assist in developing our knowledge around industry leading practices, trends and security threats regarding emerging technology platforms

  • Consistently deliver quality client services. Drive high- quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes

  • Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business

  • Foster relationships with client personnel to analyze, evaluate, and enhance information systems to develop and improve security at procedural and technology levels

  • Assist with cultivating and managing business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients

To qualify, candidates must have:

  • A bachelor's degree and a minimum of 5 years of related work experience; or a graduate degree and approximately 4 years of related work experience in the fields of Business, Accounting, Finance, Computer Science, Information Systems, Engineering, or related discipline

  • Solid understanding of fundamental information security concepts, including authentication, authorization, access control, auditing, and cryptography

  • Strong project management experience in performing security assessments of IT systems and applications including- threat model development, application security architecture design, blackbox testing and source code review, risk/flaw mitigation strategies

  • Manage teams performing analysis of IT Security program and related processes/functions – performing current state assessment via interview, determining necessary future state, providing of recommendations to reduce risk and improve effectiveness

  • Understanding of security design patterns relevant across the IT ecosystem (mobile, web, middleware, cloud, database), information security solutions engineering, security technology implementation

  • Familiarity with security concerns around emerging technology platforms – mobile device platforms (iOS, Android), cloud services (IaaS, PaaS, SaaS), Big Data, Social media

  • Knowledge of and familiarity with industry laws and regulations mandating information security and information risk management requirements (HIPAA, PCI- DSS, Sarbanes- Oxley)

  • Excellent leadership, presentation, and client service with advanced written and verbal communication and presentation skills

  • CISSP, SANS GSEC, CCSKCISM, CRISC, SANS GWAPT, ISSAP, CSSLP, SABSA or other relevant certification desired; non- certified hires are required to become certified within 1 year from the date of hire

  • A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated at 60- 80%Ernst & Young LLP, an equal employment opportunity employer (Females/Minorities/Protected Veterans/Disabled), values the diversity of our workforce and the knowledge of our people.