EY Cyber Data Privacy and Protection-Senior Associate in South Africa

Cyber Data Privacy and Protection-Senior Associate


Requisition # SOU001AW

Post Date Mar 09, 2018

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

The EY cyber security team is looking for a number of staff members across levels from Assistant Manager to Associate Director.

As a Cyber Security Consultant, you will contribute technical insights to client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and the market. The more senior the role, the higher the expectation around winning market opportunities.


Ideally you will have experience with a globally recognised professional services firm or large corporations with industry experience in a number of the following areas:

• Experience in assessing an implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT

• Systems security skills in assessment, design, architecture, management and reporting

• Conduct Information Security Assessment against EY Methodology and leading practice frameworks and common standards.

• Conduct attack and penetration on infrastructure, network, web application and source code review.

• Assist client in managing and transforming their Information Security Programs.

• Assist client in managing their Business continuity and disaster recovery.

• Assist clients in designing and implementing their identify and access management solutions

• Assist client in managing their information protection and data privacy.

• Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.

• Advise clients on the IT security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems.

· Application control and security implementation, program and project delivery design, architecture and solution design,

• Industry related certification required (e.g.CISSP, CISM, CISA, CIA, CIA)

To qualify all applicants must have:

• At least 4 years of professional experience in either a technical IT Risk or an IT Security role

• Strong project management skills and interpersonal skills

• Advanced written and verbal communication skills and presentation skills, Strong analytical, interpersonal.

• Strong interest in the field of information security

• Creative, independent with good problem solving skills

• Be willing to travel as required

• Client service delivery and able to manage multiple engagement teams and projects

• Experience in coaching and supervising junior team members

• Demonstrated integrity within a professional environment

• Have a drive to build a team and grow your technical information security career to the next level

• You may also have a Bachelor's and/or post graduate degree in computer science, information systems, engineering, or a related major (such as accounting).

The successful candidate must hold or be willing to pursue related professional certifications such as the CISSP, CISM, and/or CISA

CA / CIA advantageous