Consultant - Advisory_risk - Tmt - Information Security - New Delhi Job in Ernst & Young Global Limited

Consultant - Advisory_risk - Tmt - Information Security - New Delhi

Apply Now
Job Summary About EY
As a global leader in assurance, tax, transaction and advisory services, were using the finance products, expertise and systems weve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, well make our ambition to be the best employer by 2020 a reality.

What working at EY offers
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance
Consultant Risk Advisory Cyber SecurityI

Cyber Security is one of the most important risks facing businesses today. Systems and processes are becoming increasingly interconnected and automated and many organizations are now reliant upon technology to drive business strategy and growth. Our clients are overwhelmingly turning to EY for help and guidance on how to protect their assets, minimize business disruption and improve security as they continue to exploit technology and the Internet of things.

The opportunity

At EY we have ambitious plans to expand our already market leading Cybersecurity practice. We need excellent people, across all grades, to join us and to be part of our exciting growth strategy. As a Consultant in our Cybersecurity practice you will be working within IT Risk and Security and will have exposure to cyber security assessments and work in teams to deliver security implementations or remediation programs.

Your key responsibilities

Effectively liaise with clients and manage stakeholder expectations.
Identification of issues, risks, opportunities and improvement of policies, processes, procedures and standards.
Documenting Information security risk in relation to Technologies, People and Process.
Ability to map business requirement to technical specifications.
Identifying Information Security compensating controls or alternate controls in case primary control requirements are not met.
Assisting Vendor risk management process from Information Security point of view.
Raising risk findings with stakeholders and recording it per standardized requirements. Should be able to communicate key risk findings effectively.
Perform risk treatment discussions with stakeholders and gain business consensus on risk treatment roadmap.
Work with client Information Security teams, compliance teams, auditing teams and regulators to identify and document various requirements/obligations and formulate roadmap for potential program implementations.

Skills and attributes for success

Understanding of Third party risk management considerations including cloud implications of utilizing a Third party.
Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management
Passionate about learning new market trends in Information Security and ability to identify applicability in various client environments
Exceptional written/verbal communication and inter-personal skills
Excellent documentation and presentation skills
Strong analytical and creativity skills
Highly motivated and willing to work in a rapidly evolving environment
Leadership qualities and positive attitude to succeed
Passionate and flexible to work in a team and should also be able to adapt to scenarios where projects require working in an independent capacity
Experience of security methods such as vulnerability assessments, penetration testing, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance

To qualify for the role you must have

A degree in engineering, B.E./B.Tech and a post graduate degree like MBA/MCA
2 - 8 years of relevant post qualification work experience in Information Security or Cyber Security domains like Third Party Risk Assessments, Infrastructure / Application Security, IT Audit, Vulnerability Assessment, Penetration Testing, Cloud Security, Identity & Access Management, Information Risk Management etc.
Minimum 1 - 3 years of experience in Consulting role is desirable
Must have one or more of relevant security certifications like CISSP, CISA, CISM, CEH, ISO27001
Additional security certifications like CCSP, CCSK, OSCP will be desirable

Ideally youll also have
Demonstrated ability to contribute to the development of client deliverables and technical content
Good written and verbal communications skills
Excellent leadership and teaming skills
Demonstrated integrity within a professional environment
Ability to travel at least 75% of time
Experience Required :

Fresher

Vacancy :

2 - 4 Hires