Cyber Transformation Role - Big 4

Responsibilities

- Engage in Cyber Transformation projects

- Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress

- Execute the engagement requirements, along with review of work by junior team members

- Help prepare reports and schedules that will be delivered to clients and other parties

- Develop and maintain productive working relationships with client personnel

- Build strong internal relationships within EY Advisory Services and with other services across the organization

- Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members

- Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals

- Maintain an educational program to continually develop personal skills of staff

- Understand and follow workplace policies and procedures

Skill set requirements

- Strong knowledge of cyber / information security concepts, risk and controls concepts

- Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI - DSS, NIST standards on Cyber Security, HITRUST, etc.

- Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.

- Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts

- Good knowledge of OS (Windows / Linux) security, Database security

- Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus

- Familiar with OWASP and Secure SDLC standards / frameworks

- Good knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.)

- Good knowledge of Security architecture design and review

- Security operations (SOC, SIEM) skills in assessment, design, architecture, management and reporting

- Knowledge on reviewing firewall rulesets

- Experience in LAN/WAN architectures and reviews

- Knowledge on Privacy

- Governance and reporting

- Good knowledge of cyber threats and vulnerabilities related to platform and infrastructure

- Knowledge of vulnerability management

- Knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.)

- Basic knowledge of incident management

- Basic knowledge of encryption

- Knowledge of creation of cyber policies and procedures

Educational qualifications and Certifications

- Graduates / BE - B. Tech / MCA / M. Sc (Stats, Maths, Computer Science) / MBA with background in computer science and programming

- CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditorand Lead Implementer