Logo
EY

Security Consultant Job at EY in Secaucus

EY, Secaucus, NJ, United States, 07094

Save Job

Overview

Join to apply for the Security Consultant role at EY.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

Responsibilities

This position is a leading and consulting role in designing, developing and implementing all aspects of security for complex global applications based on Microsoft Azure technology and the Microsoft technology stack. The role is an individual contributor capable of supporting multiple project teams, focusing on the design, implementation and certification of security controls across multiple projects and applications. It requires knowledge of IT system architecture, cloud technology, and supporting security concepts such as IAM, network security, firewalls, user account management, audit and logging, and compliance with standards such as ISO27001 and OWASP. It also includes understanding 3rd party security assessments and the applicability of SOC 1 and SOC 2 reports and vendor risk management. The position requires the ability to work remotely using EY’s collaboration tools such as Teams, SharePoint, and AzureDevOps.

Skills And Attributes For Success

  • Significant working security experience and knowledge in the design, implementation and operation of security controls in one of the following areas:
    • Agile & DevOps methodologies – Experience as a contributing member of a balanced team within an Agile development or DevOps environment.
    • Application Security - Experience with the design of security controls for multi-tier business solutions including application-level access and entitlement management, data tenancy and isolation, encryption, and logging. Familiarity with REST API and microservices architecture.
    • Security scanning tools – Experience in SAST & DAST, network sniffers, Burp Suite, etc. Work with internal PEN testing team to identify vulnerabilities and analyze findings with security controls.
    • Cloud Security – Technical understanding of virtualization, cloud infrastructure, and public cloud offerings; experience designing security configuration and controls within cloud-based solutions in Microsoft Azure, Google Cloud Platform, Amazon AWS, and other vendors.
    • Infrastructure Security – Experience integrating infrastructure security technologies into solution architectures, including IAM, intrusion detection and prevention, security monitoring, and data encryption solutions.
    • Identity and Access Management - Active Directory-based IAM and Authorization design experience and integration with IDaaS and Federation technologies.

To qualify for the role

To qualify for the role, you must have 5 years of experience in:

  • Extensive experience implementing, advising on, and consulting about security configurations across complex IT architectures, including cloud environments (primarily Microsoft, but also including a range of IaaS, PaaS, and SaaS offerings from multiple vendors) and on-premises solutions.
  • In-depth knowledge of IT system architecture concepts and cloud technologies, along with IAM, network security, firewalls, software development best practices, auditing, hardening, and other security principles per ISO27001, OWASP, and related security standards.
  • Proficiency in interpreting SAST/DAST reports and testing outcomes for applications, providing advice on necessary corrections and security measures based on policies and non-functional requirements.
  • Knowledge of GRC tools to work with Compliance on remediation plans for security-related issues.
  • A degree in Computer Science or a related field.
  • Security certifications
  • Excellent communication skills in English and the ability to collaborate with stakeholders ranging from developers and architects to business leaders and EY’s clients.

Ideally, you’ll also have

It is preferred that candidates possess additional working security experience and knowledge in one or more of the following areas:

  • Operational Security – Defining operational models and procedures for business solutions including operation and maintenance of infrastructure and application security controls.
  • Information Security Standards – Knowledge of ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls.
  • Cloud security certifications such as AZ-300, CISSP or other security-related certifications.
  • Product Management – Working with a broader business team on security aspects from concept to design to implementation and operation.

What We Look For

We are looking for individuals with a passion for information security and the ability to apply their knowledge to new and emerging technologies that support EY’s growth strategy.

What We Offer You

  • We offer a comprehensive compensation and benefits package where you’ll be rewarded based on performance; the base salary range for this job in all geographic locations in the US is $76,400 to $138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $91,700 to $157,500. Individual salaries are determined by education, experience, knowledge, skills, and geography. Our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and paid time off.
  • Join us in our team-led and leader-enabled hybrid model. Most external client-serving roles are expected to work together in person 40-60% of the time over a project or year.
  • Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own circumstances, and you’ll receive time off for EY Holidays, breaks, and other leaves as needed to support well-being.

Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Equal Employment Opportunity

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.

EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com.

Seniority level

  • Mid-Senior level

Employment type

  • Full-time

Job function

  • Information Technology

Industries

  • Professional Services
#J-18808-Ljbffr