Senior InfoSec Consultant
About the role
The EY Global Information Security team is looking for a Senior InfoSec Consultant to lead the design, development, and implementation of security controls for market-leading regional and global systems based primarily on Cloud technologies. This role involves working closely with client engagement teams and technologists worldwide to support digitally-enabled services leveraging leading technologies.
Responsibilities
- Design, implement, and access security controls for cloud-based systems using agile methodologies and CI/CD pipelines.
- Develop and enforce security protocols for blockchain technologies and applications.
- Work with developers, architects, and business leaders to ensure security is integrated into digital practices across business processes.
- Support third-party security assessments and understand the applicability of SOC1 and SOC2 reports.
- Represent Security Consulting to advanced innovation teams to integrate the latest technology and thinking into the global technology team.
Requirements
- Significant working security experience and knowledge in designing, implementing, and operating security controls in AI, blockchain, cloud security, application security, and infrastructure security.
- Experience with AI security technologies, especially Gen AI and rapid-growing LLMs.
- Experience with cloud security, particularly Microsoft Azure and Azure PAAS services.
- Experience with application security, including REST API and microservices architecture.
- Experience with infrastructure security, including identity & access management, intrusion detection and prevention, and data encryption.
- Advanced degree in Computer Science or a related field; CISSP, CCSP, CISM, or similar certifications preferred.
Skills and Attributes
- Strong communication skills and ability to work with stakeholders at various levels.
- Knowledge of IT system architecture and cloud technology, as well as supporting technologies like IAM, network security, and user account management.
- Understanding of information security standards such as ISO 27001/27002, CSA, and CIS Controls.
- Experience with cloud security certifications like AZ-500 Azure Security Engineer.
- Experience with product management and understanding of security across all phases of a project.
Qualifications (Ideally)
- Additional working security experience and knowledge in operational security, information security standards, and product management.
Benefits
At EY, we offer a comprehensive compensation and benefits package, including a competitive base salary range ($128,100 to $239,600), a flexible vacation policy, and a range of paid time off options. We also provide medical and dental coverage, a pension plan, and a 401(k) plan. Our team-led and leader-enabled hybrid model allows for flexibility in working arrangements, with most external, client-serving roles expected to work together in person 40-60% of the time over the course of an engagement, project, or year.