[Close] 

Security Consulting Lead

Company Name:
Arca24.com
Salary period: Annual
Job summary:
As a Security Consulting Lead within EY's internal Global Information Security team, the individual will be a trusted security advisor to an internal multi-year program responsible for delivering ERP and CRM solutions to EY. This individual will oversee a team of Security Consultants who will provide security guidance, identify and prioritize security-related requirements, define security architectures in coordination with domain architects and promote secure-by-default designs and facilitate delivery of information security services throughout the system development life cycle (SDLC). The Security Consulting Lead will also direct consultants in developing appropriate risk treatment and mitigation options to address security vulnerabilities to translate these vulnerabilities into business risk terminology for communication to business stake holders.
Essential functions of the job:
ΓΆΒ ΒΆ Define and provide pragmatic security guidance that balance business benefit and risks
ΓΆΒ ΒΆ Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on how to implement these controls
ΓΆΒ ΒΆ Perform risk assessments of information systems and infrastructure
ΓΆΒ ΒΆ Maintain and enhance the Information Security risk assessment methodology
ΓΆΒ ΒΆ Define security configuration standards for platforms and technologies
ΓΆΒ ΒΆ Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit
ΓΆΒ ΒΆ Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stake-holders
ΓΆΒ ΒΆ Provide knowledge sharing and technical assistance to other team members
ΓΆΒ ΒΆ Act as Subject Matter Expert (SME) in responsible technologies and have deep technical understanding of responsible portfolios
Supervision responsibilities:
ΓΆΒ ΒΆ Responsible for the selection and performance management of staff members
ΓΆΒ ΒΆ Plan the training and development of staff to develop their skills and maintains state-of-the-art knowledge in information security
ΓΆΒ ΒΆ Evaluate, counsel, mentor and provide feedback on performance of others
ΓΆΒ ΒΆ Direct the daily progress of project work assigned to staff members, report status to management, and manage staff performance
Requirements
Job Requirements:
Knowledge and skills requirements:
ΓΆΒ ΒΆ Strategic skills to assist with the development of a long-term vision for the firms risk management security framework & approach
ΓΆΒ ΒΆ Ability to appropriately balance firm security needs with business impact & benefit
ΓΆΒ ΒΆ Ability to facilitate compromise to incrementally advance security strategy and objectives
ΓΆΒ ΒΆ An overall understanding of the business objectives of EY with an ability to build relationships across EY IT
ΓΆΒ ΒΆ Ability to team well with others to facilitate and enhance the understanding & compliance to security policies
ΓΆΒ ΒΆ Experience facilitating meetings with multiple customers and technical staff, including building consensus and mediating compromise
ΓΆΒ ΒΆ High degree of tolerance for ambiguity
ΓΆΒ ΒΆ Five or more years Working experience with the architecture, design and engineering of web-based multi-tier information systems or network infrastructures
ΓΆΒ ΒΆ Experience with security architecture, design and assessment of ERP and CRM solutions
ΓΆΒ ΒΆ Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies
ΓΆΒ ΒΆ Experience working with common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT
Experience:
ΓΆΒ ΒΆ Five or more years of experience in the management of a significant Information Security risk management function
ΓΆΒ ΒΆ 10 or more years of experience in an Information Security or Information Technology discipline
ΓΆΒ ΒΆ Experience in managing the communication of security findings and recommendations to IT project teams and management
ΓΆΒ ΒΆ Exceptional judgment, tact, and decision-making ability
ΓΆΒ ΒΆ Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
ΓΆΒ ΒΆ Outstanding management, interpersonal, communication, organizational, and decision-making skills
ΓΆΒ ΒΆ Ability to understand and integrate cultural differences and motives and to lead cross cultural teams
ΓΆΒ ΒΆ Strong English language skills are required
Education:
An advanced degree in Computer Science or a related discipline, or equivalent work experience
Certification requirements:
Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or CISSP, CISM or CISA

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.