GDS Consulting - Cybersecurity Senior Consultant

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Cybersecurity Senior Consultant
This requires good knowledge of various CSPs like Azure, AWS, and GCP, as well as cyber security concepts. Provide expert guidance and recommendations to clients on best practices for securing their digital assets, including cloud environments and web applications.
 
Specific role responsibilities include:
Application Security:
•    Evaluate, design, and implement secure application architectures.
•    Conduct threat modeling and design reviews to assess security implications of new technologies.
•    Collaborate with development teams to ensure secure coding practices.
•    Perform vulnerability assessments and provide guidance for remediation.

Cloud Security:
•    Architect and implement secure solutions on cloud platforms (e.g., Amazon Web Services, Microsoft Azure).
•    Assess security risks associated with cloud environments.
•    Monitor cloud systems for threats and vulnerabilities.
•    Assist with incident response and recovery in cloud environments.

Infrastructure Security:
•    Plan and maintain infrastructure security measures (firewalls, IDS/IPS, SIEM, etc.).
•    Establish and manage data access controls (IAM).
•    Integrate security into the software development lifecycle (SDLC).
•    Evaluate new security solutions and products.

Threat Risk Assessments:
•    Identify and assess potential threats to systems and assets.
•    Analyze risks based on likelihood and impact.
•    Develop risk mitigation strategies and recommendations.
•    Collaborate with stakeholders to prioritize security enhancements.

Collaboration and Documentation:
•    Work closely with internal and external teams to lead engagements.
•    Create and deliver security design documents and risk assessment reports.
•    Maintain comprehensive security documentation.

Qualifications:
•    Bachelor’s degree in computer science, business, information technology, or a related field.
•    5+ years of experience with cybersecurity
•    Strong understanding of security principles and best practices, including encryption, authentication, access control, and security architecture.
•    Experience in any cloud platforms (e.g., AWS, Azure, GCP)..
•    Experience and knowledge of PKI, CLM, Key Management and Secrets Management.
•    Experience and knowledge of IAM technologies such as OAuth2, OpenID Connect, and SAML 2.0
•    Experience and knowledge of Kubernetes and/or other similar workload orchestration technologies
•    Experience and knowledge in any scripting languages
•    Knowledge in risk management
•    Familiarity with standards like NIST, CIS, ISO etc.. 
•    Knowledge of enterprise application software.
•    Ability to work independently and in a team environment.
•    Excellent interpersonal and communication skills.
•    Relevant certifications (e.g., CISSP, CISM, CEH, Azure, AWS, GCP, etc..) are a plus, but not required.
•    Wiling to work on graveyard shift is a must

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.