The role will involve working with a variety of clients and industries, and you will be working alongside practitioners from across EY, on a variety of Process Improvement and Information Security projects. As an ambassador for the IS team, you will need to build a strong network internally and be able to exceed our clients' high expectations. You will therefore be highly motivated, and be a strong communicator. Experience of a consulting environment would be beneficial.
Information Security Senior Consultants work with clients as a business advisor, this involves working with senior client management teams from within business operations, information security and IT to:
• Assess risks, using recognised sources of threat intelligence as well as business impact assessments
• Assess management of information security , covering people, physical, process and technology aspects
• Advise on and, where required, manage the transformation and improvement of information security in a client organisation
• Advise on and implement performance management and assurance frameworks for information security.
You will be expected to have some business development capability, being able to demonstrate some limited success in the development of client business relationships and support of the selling of security services to clients and targets.
Specific responsibilities include:
• Planning and delivery of information security engagements
• Writing client reports
• Review and quality assurance of client deliverables
• Engagement assurance and commercial risk management
• Managing and mentoring junior engagement team members.
Knowledge & Skills
The candidate will require significant experience in information security across such areas as
• Risk management methods and techniques.
• Potential process and technology vulnerabilities and detailed understanding of the security mechanisms that can potentially be deployed to reduce risk to an acceptable level.
Specific focus areas include
• Cyber security.
• IS assessment.
• IS architecture.
• IS risk assessment.
• IS governance schemes (ISO 27001)
• IS operations.
• IT Disaster Recovery.
• Business Continuity Management.
There is a high degree of variety in the work, so the ability to be flexible and adaptable is key.
Our work covers a number of sectors, the main ones being
• UK Government,
• Oil & Gas,
• Consumer Products and Pharma industries.