Cybersecurity Consultants - Governance, Risk and Compliance
Nicosia, CY, 1087
EY
EY provides consulting, assurance, tax and transaction services that help solve our client’s toughest challenges and build a better working world for all.Cybersecurity Consultants – Governance, Risk and Compliance
At EY Consulting Service Line, we support you in achieving your unique potential both personally and professionally. We give you stretching and rewarding experiences that keep you motivated, working in an atmosphere of integrity and teaming. And while we encourage you to take personal responsibility for your career, we support you in your professional development in every way we can.
The opportunity
Our EY Consulting ambition is to become the world’s leading transformation consultants, trusted to help our clients generate long-term value. We’re building world-class capabilities in business, technology and people consulting to help us deliver on EY’s purpose of building a better working world — our firm’s broader ambition to become the world’s most trusted, distinctive professional services organization.
Our clients are at the heart of our new strategy. We’re focused on solving the key issues of our client buyers, building deeper relationships, and making a greater impact. We’re introducing a new go-to-market narrative — Transformation Realized™ — to help us harness the core drivers of transformation that will create long-term value for our clients.
To achieve this, we are seeking a Governance, Risk and Compliance Cybersecurity Consultants to join our growing Cybersecurity practice. Our team is part of EY’s Central, Eastern and Southeastern Europe & Central Asia (CESA) cluster, delivering market leading services to organizations across industries in Cyprus and internationally.
The transformation imperative is urgent, challenging and opportunity-rich, interested to join us?
Your Role
As a GRC Cybersecurity Consultant, you will work in a team and / or lead the cybersecurity engagement and projects for our clients. They may include implementation of security solutions for our clients and support clients in their desire to protect their business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience.
Your main responsibilities will be:
- Assist client in evaluating, enhancing, or developing, and managing their:
- Cybersecurity program including technology controls, process controls, and governance, risk, and compliance elements.
- Business Continuity and Disaster Recovery Management programs
- Data Protection and Privacy
- Threat and Vulnerability Management programs
- Security Incident Detection and Response management programs
- Identity and access management programs
- Design and implementation of security policies, procedures, standards, and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.
- Implementation of data protection and / or privacy programs to address confidentiality and security of personal data.
- Serve as a trusted advisor, collaborating closely with clients to understand their unique challenges and providing expert guidance on cybersecurity and risk management.
- Manage end-to-end delivery of client engagements, from scoping through execution.
- Assist clients in developing / enhancing their cybersecurity strategies and multi-year implementation roadmaps, in alignment with their risk landscape.
- Provide support in the design and implementation of cybersecurity governance frameworks and policies.
- Conduct comprehensive risk and controls assessments to identify and prioritize cyber risks and develop risk management strategies to mitigate risks effectively.
- Assist clients in defining risk appetite and tolerance levels aligned to business objectives.
- Conduct gap assessments with relevant standards and frameworks and develop compliance strategies and roadmaps tailored to clients' needs.
- Collaborate on internal innovation initiatives, contribute to the development of new service offerings and the enhancement of existing service methodologies.
To qualify for the role, you should have
- A BSc. degree in Computer Science, Information Technology, Cyber Security, or a related field.
- A MSc. degree in Information Security, Cyber Security or a related field will be considered an advantage.
- Up to 5 years of related experience in Information Security / Cybersecurity, with a focus on governance, risk, and compliance. Consideration will be given for equivalent combined experience in an IT, Risk Management, or technology management capacity.
- A professional qualification such as: CISM, CISA, CISSP, or related.
- Knowledge of general IT and business processes and familiarity with organizational technology landscapes.
- Understanding of cyber risk assessment and risk management, and familiarity with cybersecurity and privacy-related regulatory compliance requirements, industry standards and frameworks (DORA, NIS2, PCI DSS, ISO 27k, etc.), and key technical concepts (e.g., networking, protocols, cloud technologies).
Ideally you should also have
- Experience in client service delivery and be able to manage multiple engagement teams and projects.
- Good project management skills.
- Experience in coaching and supervising junior team members.
- Be a team player with good communication and interpersonal skills.
- Creative, independent with good problem-solving skills.
- Proactive, dedicated, innovative, resourceful, strong analytical and able to work under pressure.
- Advanced report writing, verbal communication skills, and presentation skills in English.
- Comfortable in taking a client-facing role and can effectively convey technical concepts to non-technical stakeholders.
Skills and attributes for success
- Strong analytical and problem-solving skills.
- Strong drive to excel professionally, and to guide and motivate others.
- Advanced written and verbal communication skills.
- Dedicated, innovative, resourceful, analytical, and able to work under pressure.
- Foster an efficient, innovative, and team-oriented work environment.
What working at EY Offers
EY offers an attractive remuneration package for rewarding both personal and team performance. We are committed to be an inclusive employer and are happy to consider flexible working arrangements. In addition, but not limited to our benefits include:
- 13th salary and yearly bonus
- Provident Fund
- Private Medical and Life Insurance
- Flexible working arrangements (hybrid work and flexible work schedule)
- Friday afternoon off
- EY Tech MBA and EY MSc in Business Analytics
- EY Badges - digital learning certificates
- Mobility programs (if interested to work abroad)
- Paid Sick Leave
- Paid Paternity Leave
- Yearly wellbeing days off
- Maternity, Wedding, and New Baby Gifts
- EY Employee Assistance Program (EAP) (counselling, legal and financial consultation services)
About EY
EY | Building a better working world.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
#betterworkingworld
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. It’s yours to build.
Apply Now.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics CISA CISM CISSP Cloud Compliance Computer Science Governance IAM ISO 27000 ISO 27001 NIS2 NIST PCI DSS Privacy Risk assessment Risk management SANS Strategy Vulnerability management
Perks/benefits: Career development Flex hours Health care Medical leave Parental leave Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs