Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging.
Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
Responsibilities of our Connected Product Security Archiitect may include:
Effectively lead and motivate client engagement teams and provide technical leadership in the assessment, design, and implementation of connected product security and IT risk solutions.
Generate new business opportunities by participating in market facing activities and developing thought leadership materials
Understand EY and its service lines. Actively encourage team members to contribute ideas and identify opportunities to introduce Ernst & Young LLP services
Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services
Foster an innovative and inclusive team-oriented work environment. Play an active role in counseling and mentoring junior Cybersecurity team members
Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes
Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business
Foster relationships with client personnel to analyze, evaluate, and enhance information systems to develop and improve security at procedural and technological levels
Assist with cultivating and managing business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients
To qualify, candidates must have:
Bachelor's degree and a minimum of 5 years of related work experience, or a Master's degree and approximately 4 years of related work experience in the fields of Product Engineering and Security, Computer Science, Information Systems, Engineering, Business or related major
Demonstrated experience with product development including hardware and software design
A minimum of 4 years of related work experience writing enterprise security standards, policies, and coding guidelines
Experience conducting products security vulnerability assessments(including connected products) and attacks including creation of proof-of-concept exploits
Demonstrated experienced with Embedded microprocessor, bootloaders and operating systems
Experienced in Integrated circuit design, fabrication, failure analysis OR reverse engineering integrated circuits
Experienced in Designing, developing, testing, debugging embedded software
Familiar with Hardware/embedded system hacking, reverse engineering firmware and fuzz testing
Knowledge of Automotive communications (CAN, LIN, Ethernet, FlexRay, MOST)
Knowledge of SIM/UICC/Secure Element/NFC/RTOS and Driver Development
Familiar in Cybersecurity strategic planning, architecture migration strategies, or security engineering strategy
Familiar in key Information Security domains such as identity, access management, and cryptography
Knowledge of industry standards with respect to security in connected products such as MISRA, NHTSA, etc.
Knowledge of networking and system- level concepts at the hardware layer
Familiar with performing product security architecture review and risk assessments
Understanding of best practice methodologies in secure development of connected products including protocols for secure communications
Understanding of development methodologies such as waterfall, agile, and continuous integration
Ability to examine issues both strategically and analytically
Strong communication skills with demonstrated ability to interact with senior management, technical SMEs, business partners, and influence decisions
Ability to work on multiple, simultaneous initiatives
Prior Big 4 or other relevant consulting experiences a plus.
A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated 80% travel required
The successful candidate must hold or be willing to pursue related professional certifications such as the CISM, GIAC, Open Group Certified Architect, CEH, CISSP, or equivalent
Ernst & Young LLP, an equal employment opportunity employer (Females/Minorities/Protected Veterans/Disabled), values the diversity of our workforce and the knowledge of our people.
Ernst & Young LLP