GDS Advisory _ Cybersecurity Risk Management Senior Consultant
Ernst & Young Global Limited
Philippines
2d ago

Job Description :

  • Analyst / Associate Consultant in the Risk Advisory team to work on various Cyber Risk Management projects for our customers across the globe.
  • Deliver high quality work products as per firm’s guidelines. You will need to actively establish, maintain and strengthen relationships with other team members.
  • You’ll need to report any identified risks within engagements and share any issues and updates with other members of the team.

  • Engage in Cyber Risk Management projects in the capacity of execution of deliverables
  • Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating other team members on progress
  • Manage Staff level resources in terms of reviewing output quality as well as balancing resource workload
  • Present team services to visitors and clients with the objective of gaining new customers or additional work
  • Help prepare reports and schedules that will be delivered to clients and other parties
  • Demonstrate an application and solution-based approach to the problem solving technique
  • Review of working papers and client folders. Suggest ideas on improving engagement productivity and identify opportunities for improving client service
  • Manage engagement budgets and support superiors in developing marketing collaterals, business proposals and new solution / methodology development
  • Willing to travel to the customers locations as needed basis
  • Be a part of and driving the quality culture at EYA GTH
  • Contribute to people related initiatives
  • Understand and follow workplace policies and procedures
  • Job Requirements : Mandatory skills :

    Mandatory skills :

  • Knowledge of Information Security Frameworks such as ISO27001, PCI-DSS, NIST, etc
  • Implementation / audit of ISO27001 or equivalent ISMS
  • Knowledge of data privacy frameworks or regulations such as GDPR or Philippines Data Privacy Act 2012
  • Ability to conduct a Privacy Impact Assessment for a process or organization
  • Knowledge of cyber / information security concepts, risk and controls concepts
  • Experience creating or supporting a security awareness campaign for an organization
  • Conduct Security Risk Assessments based on customer requirement as well as industry standards
  • Advise clients on the IT security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems.
  • Ability to communicate in a clear and concise manner.
  • Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.
  • Experience in vendor security risk management (Risk Assessment, Risk Governance, Mitigation Controls, Risk Methodologies)
  • Knowledge of OS (Windows / Linux) security, Database security
  • Knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.)
  • Basic knowledge of encryption
  • Graduates / BE - B. Tech / MCA / M. Sc. (Stats, Maths, Computer Science) with background in computer science and programming and 0 4 years of experience
  • Preferred skills :

  • Experience in incident management
  • Knowledge of standards such as ISO 22301, ISO 31000, NIST standards on Cyber Security, HITRUST, etc.
  • Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc.
  • ISO 27001 Lead Auditor or Lead Implementer
  • Knowledge of TCP / IP, concepts of OSI layer and protocols, networking and security concepts
  • Knowledge of cyber threats and vulnerabilities related to platform and infrastructure
  • CISM / CISA / CRISC and Data Privacy certification
  • Job Description :

  • Analyst / Associate Consultant in the Risk Advisory team to work on various Cyber Risk Management projects for our customers across the globe.
  • Deliver high quality work products as per firm’s guidelines. You will need to actively establish, maintain and strengthen relationships with other team members.
  • You’ll need to report any identified risks within engagements and share any issues and updates with other members of the team.

  • Engage in Cyber Risk Management projects in the capacity of execution of deliverables
  • Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating other team members on progress
  • Manage Staff level resources in terms of reviewing output quality as well as balancing resource workload
  • Present team services to visitors and clients with the objective of gaining new customers or additional work
  • Help prepare reports and schedules that will be delivered to clients and other parties
  • Demonstrate an application and solution-based approach to the problem solving technique
  • Review of working papers and client folders. Suggest ideas on improving engagement productivity and identify opportunities for improving client service
  • Manage engagement budgets and support superiors in developing marketing collaterals, business proposals and new solution / methodology development
  • Willing to travel to the customers locations as needed basis
  • Be a part of and driving the quality culture at EYA GTH
  • Contribute to people related initiatives
  • Understand and follow workplace policies and procedures
  • Job Requirements : Mandatory skills :

    Mandatory skills :

  • Knowledge of Information Security Frameworks such as ISO27001, PCI-DSS, NIST, etc
  • Implementation / audit of ISO27001 or equivalent ISMS
  • Knowledge of data privacy frameworks or regulations such as GDPR or Philippines Data Privacy Act 2012
  • Ability to conduct a Privacy Impact Assessment for a process or organization
  • Knowledge of cyber / information security concepts, risk and controls concepts
  • Experience creating or supporting a security awareness campaign for an organization
  • Conduct Security Risk Assessments based on customer requirement as well as industry standards
  • Advise clients on the IT security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems.
  • Ability to communicate in a clear and concise manner.
  • Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.
  • Experience in vendor security risk management (Risk Assessment, Risk Governance, Mitigation Controls, Risk Methodologies)
  • Knowledge of OS (Windows / Linux) security, Database security
  • Knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.)
  • Basic knowledge of encryption
  • Graduates / BE - B. Tech / MCA / M. Sc. (Stats, Maths, Computer Science) with background in computer science and programming and 0 4 years of experience
  • Preferred skills :

  • Experience in incident management
  • Knowledge of standards such as ISO 22301, ISO 31000, NIST standards on Cyber Security, HITRUST, etc.
  • Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc.
  • ISO 27001 Lead Auditor or Lead Implementer
  • Knowledge of TCP / IP, concepts of OSI layer and protocols, networking and security concepts
  • Knowledge of cyber threats and vulnerabilities related to platform and infrastructure
  • CISM / CISA / CRISC and Data Privacy certification
  • Apply
    Add to favorites
    Remove from favorites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form