EY
Overview
Join to apply for the
Security Consultant
role at
EY At EY, were all in to shape your future with confidence. Well help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. You are seeking a position that allows you to demonstrate your information security skills, experience and ability to solve complex problems. This position is an opportunity to embed information security in a strategic investment by the EY Tax practice that is intended to enable innovation and disruptive new services. Responsibilities Lead and consult in designing, developing and implementing security for complex global applications based on Microsoft Azure technology and the Microsoft technology stack. This is an individual contributor role supporting multiple project teams; not a program management or oversight role. Participate in the design, implementation and certification of security controls across multiple projects/applications. Maintain knowledge of IT system architecture, cloud technologies, IAM, network security, firewalls, user access management, audit and logging, and security concepts per ISO27001, OWASP and related standards. Include awareness of 3rd-party security assessments, SOC1/SOC2 reports, and vendor risk management. The position requires remote work and will use EYs collaboration tools (Teams, SharePoint, AzureDevOps).
Skills And Attributes For Success
Agile & DevOps Methodologies Experience as a contributing member of a balanced team within an Agile development or DevOps environment. Application Security - Design of security controls for multi-tier solutions including access and entitlement management, data tenancy and isolation, encryption, and logging. Familiarity with REST API and microservices architecture. Security scanning tools Experience with SAST/DAST, network sniffers, Burp Suite; collaborate with the internal penetration testing team to identify vulnerabilities and analyze findings with our security controls. Cloud Security Technical understanding of virtualization, cloud infrastructure, and public cloud offerings; experience designing security configuration and controls within cloud-based solutions in Microsoft Azure, Google Cloud Platform, AWS and other vendors. Infrastructure Security Integration of IAM, intrusion detection and prevention, security monitoring, and data encryption solutions into architectures. Identity and Access Management - Active Directory based IAM and Authorization design experience and integration with IDaaS and Federation technologies.
Qualifications
5 years of experience in implementing, advising on, and consulting about security configurations across complex IT architectures, including cloud environments (primarily Microsoft) and on-premises solutions. In-depth knowledge of IT system architecture concepts and cloud technologies, along with IAM, network security, firewalls, software development best practices, auditing, hardening, and related security standards (ISO27001, OWASP, and related). Proficiency in interpreting security reports (SAST and DAST) and advising on remediation plans based on policies and non-functional requirements. Knowledge of GRC tools to work with Compliance on remediation plans of security-related issues. A degree in Computer Science or a related field; security certifications. Excellent communication skills and English proficiency; ability to collaborate with stakeholders from developers and architects to business leaders and EY clients.
Ideally, youll also have
Operational Security Defining operational models and procedures for infrastructure and application security controls. Information Security Standards Knowledge of ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls. Cloud security certifications such as AZ-300 Azure Architect Technologies, CISSP or other security-related certifications. Product Management Working with a broader business team on security aspects from concept to design, implementation and ongoing operations.
What We Look For
We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that support EYs growth strategy. What We Offer You
Compensation and benefits package with ranges: base salary in the US $76,400 to $138,600; New York City Metro, Washington State and California ranges, $91,700 to $157,500. Salaries are determined by education, experience, knowledge, skills and geography. Total Rewards include medical and dental coverage, pension and 401(k) plans, and paid time off options. Hybrid model: most client-serving roles require in-person collaboration 40-60% of the time. Flexible vacation policy and designated EY holidays, personal/family care leave, and other well-being-related time off.
Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis. For those living in California, additional information is available. EY is an equal opportunity employer and EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans. If you need assistance applying online or an accommodation, please call 1-800-EY-HELP3 or contact EYs Talent Shared Services team. #J-18808-Ljbffr
Join to apply for the
Security Consultant
role at
EY At EY, were all in to shape your future with confidence. Well help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. You are seeking a position that allows you to demonstrate your information security skills, experience and ability to solve complex problems. This position is an opportunity to embed information security in a strategic investment by the EY Tax practice that is intended to enable innovation and disruptive new services. Responsibilities Lead and consult in designing, developing and implementing security for complex global applications based on Microsoft Azure technology and the Microsoft technology stack. This is an individual contributor role supporting multiple project teams; not a program management or oversight role. Participate in the design, implementation and certification of security controls across multiple projects/applications. Maintain knowledge of IT system architecture, cloud technologies, IAM, network security, firewalls, user access management, audit and logging, and security concepts per ISO27001, OWASP and related standards. Include awareness of 3rd-party security assessments, SOC1/SOC2 reports, and vendor risk management. The position requires remote work and will use EYs collaboration tools (Teams, SharePoint, AzureDevOps).
Skills And Attributes For Success
Agile & DevOps Methodologies Experience as a contributing member of a balanced team within an Agile development or DevOps environment. Application Security - Design of security controls for multi-tier solutions including access and entitlement management, data tenancy and isolation, encryption, and logging. Familiarity with REST API and microservices architecture. Security scanning tools Experience with SAST/DAST, network sniffers, Burp Suite; collaborate with the internal penetration testing team to identify vulnerabilities and analyze findings with our security controls. Cloud Security Technical understanding of virtualization, cloud infrastructure, and public cloud offerings; experience designing security configuration and controls within cloud-based solutions in Microsoft Azure, Google Cloud Platform, AWS and other vendors. Infrastructure Security Integration of IAM, intrusion detection and prevention, security monitoring, and data encryption solutions into architectures. Identity and Access Management - Active Directory based IAM and Authorization design experience and integration with IDaaS and Federation technologies.
Qualifications
5 years of experience in implementing, advising on, and consulting about security configurations across complex IT architectures, including cloud environments (primarily Microsoft) and on-premises solutions. In-depth knowledge of IT system architecture concepts and cloud technologies, along with IAM, network security, firewalls, software development best practices, auditing, hardening, and related security standards (ISO27001, OWASP, and related). Proficiency in interpreting security reports (SAST and DAST) and advising on remediation plans based on policies and non-functional requirements. Knowledge of GRC tools to work with Compliance on remediation plans of security-related issues. A degree in Computer Science or a related field; security certifications. Excellent communication skills and English proficiency; ability to collaborate with stakeholders from developers and architects to business leaders and EY clients.
Ideally, youll also have
Operational Security Defining operational models and procedures for infrastructure and application security controls. Information Security Standards Knowledge of ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls. Cloud security certifications such as AZ-300 Azure Architect Technologies, CISSP or other security-related certifications. Product Management Working with a broader business team on security aspects from concept to design, implementation and ongoing operations.
What We Look For
We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that support EYs growth strategy. What We Offer You
Compensation and benefits package with ranges: base salary in the US $76,400 to $138,600; New York City Metro, Washington State and California ranges, $91,700 to $157,500. Salaries are determined by education, experience, knowledge, skills and geography. Total Rewards include medical and dental coverage, pension and 401(k) plans, and paid time off options. Hybrid model: most client-serving roles require in-person collaboration 40-60% of the time. Flexible vacation policy and designated EY holidays, personal/family care leave, and other well-being-related time off.
Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis. For those living in California, additional information is available. EY is an equal opportunity employer and EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans. If you need assistance applying online or an accommodation, please call 1-800-EY-HELP3 or contact EYs Talent Shared Services team. #J-18808-Ljbffr