EY Security Analyst in Wrocław, Poland
Core Business Services
Requisition # WRO00367
Post Date Nov 05, 2020
EY GDS (Global Delivery Services) means 40.000 specialists providing globally IT, project management and strategic business services to EY member firms. In addition we deliver support and solutions to clients from all over the world.
The Security Compliance department identifies and manages the key Information Security risks within EY. The department owns the Compliance Program that manages identified non-conformity events to existing policies, monitors and reports on the effectiveness of IT controls, and performs root cause analysis to identify systemic or process weaknesses that may affect the firm’s information security posture.
The Compliance Specialist will contribute to the evolution of EY’s Compliance program. The Compliance Specialist is also responsible for the day-to-day activities as they relate to the security compliance program and follow-up activities. The Compliance Specialist is aligned functionally within the organization and therefore is responsible for advising others on the compliance process and increasing awareness of security within their area of responsibility.
Essential Functions of the Job:
Conducts security compliance program activitiesas specified in the information security policy to assess compliance withEY’s policies, standards and procedures
Keeps track of security deficiencies through thedocumentation of findings, monitoring the follow through of theremediation, and validates closure to increase the security maturity ofthe security program and reduce overall risk
Reports on metrics to gauge effectiveness of thesecurity policy framework and publish periodic metrics report
Analyzes the data contained within the compliancesystem and other security information repositories to identify securitytrends, root causes and notable risks.
Advises others, helping to enhance and improvetheir understanding of information security and its importance to EY.
Advises managers and other leaders concerning theoverall status of the function’s compliance findings and associatedremediation plans and exceptions.
Documents security findings, remediation plansand exception requests in a clear and concise manner
Technical Skills and Understanding of Risk Management/ISO 31000:
Experience with data analytics tools like SAS orSpotfire will be preferred
Maintain awareness of the current security threatlandscape
An overall understanding of the business objectivesand security challenges within the different Service Lines within theorganization
Ability to team well with others to facilitateand enhance the understanding and compliance to security policies
Some programming experience will be beneficial,though not required
5+ years of related IT work experience
Experience in theInformation Security field
Experience in solution design and development orwithin an infrastructure operations organization supporting LAN/WAN’s
Experience advising and communication withclients and vendors in relation to security policies
Good management, interpersonal, communication,organizational, and decision-making skills
Strong English language skills, written andverbal, are required
What working at EY offers:
Opportunity to develop technical andnon-technical skills in a truly global environment
Variety of platforms for upskillingincluding but not limited to Udemy for business, on-site trainings,language classes, etc.
Flexible full time working hours with respectto your work life balance
Modern and well located office in or with fresh work environment
Perks / benefits: private health care(incl. family, parents, in-laws & dental care), life insurance, sportgroups, MultiSport, Benefitsystem, theatre and cinema tickets, shoppingvouchers, etc.
Interesting top technology transformationprojects with global impact
If it all sounds exciting to you - we are lookingforward to seeing you on board.
Apply now to make your mark.