Advisory Senior Consultant Cybersecurity Identity & Access Management

Ernst & Young LLP Iselin , NJ 08830

Posted 1 week ago

In a rapidly changing IT environment, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. As a part of our Identity and Access Management (IAM) team you'll be right at the heart of that goal, helping clients gain insight and context to their complex IAM environments and assessing, improving, and building infrastructure, processes and policies in order to meet the client's IAM needs. You'll get to use your technical and business skills in order to help us drive this mission and have an impact on cyber security at a global level.

The opportunity

We currently have a career opportunity for a Manager to be responsible for leading projects or elements of multiple client engagements including service delivery, business development, and related activities.

You'll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world.

Your Key Responsibilities

Our IAM services assist our clients in aligning security management strategy with business goals by managing who has access to which resources and services, as well as enforcing business, privacy, and security policies. Supported by our strategic alliances with third-party vendors, our experienced professionals can provide broad services including: strategy, assessment, testing, and implementation of IAM solutions. Based on your existing experience, knowledge and ambitions, you could have the opportunity to gain experience across a number of our IAM teams, assessing and delivering foundational components of our services. Some of these teams include:

Within the Identity analytics & intelligence team, you'll perform assessments in the following areas:

  • Current state assessments & Application access assessment

  • Capability maturity and benchmarking assessments

  • IAM data analytics

The IAM strategy team is all about developing IAM strategy and road map comprising of:

  • Operating model and governance
  • IAM policies, procedures and standards

On our Identity & access transformation team, you'll provide clients with the following:

  • Design and architecture

  • Process design and re-engineering

  • Cloud and mobile apps access management

  • Access enforcement implementation

  • Access administration implementation

  • Elevated access management

Also you will help support the Identity and access governance team in:

  • IAM program management assistance & Privileged access management

  • Roles and rules management

  • SOD management and other IAM compliance related activities

Skills and Attributes for Success

  • Knowledge of the current security environment and industry trends to identify engagement and client service issues, communicate this information to the engagement team and client management through written correspondence and verbal presentations

  • Work closely with engagement manager to co-lead and own multiple parts of the engagement delivery

  • Ability to consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget

To qualify for the role you must have

  • A bachelor's degree in a related field and approximately 2-3 years of related work experience; or a graduate degree and approximately 2 years of related work experience

  • Experience in one or more of the following:

  • user provisioning and identity management solutions including design or implementation of user provisioning technologies (such as CA eTrust Admin, IBM Tivoli Identity Manager, Securonix, Saviynt);

  • role-based access control including design and development of user access roles;

  • directory services products including design or implementation (such as Radiant Logic)

  • web access control solutions including design and implementation of products (such as RSA Cleartrust, CA/Netegrity Siteminder); analysis of Segregation of Duties

  • An understanding of access control concepts including directory services, SAML, LDAP, PKI

  • Experience in process definition, workflow design, and/or and process mapping

  • A valid driver's license in the US and a valid passport required; willingness and ability to travel internationally and a willingness to travel; travel is estimated at 60-80%

Ideally, you'd also have

  • Strong presentation and communication skills
  • CISSP, CISM, CISA, CIPT, CIPM, CRISC or other relevant certification desired

What we look for

We're interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

What working at EY offers

We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, both pension and 401(k) plans, a minimum of three weeks of vacation plus 10 observed holidays and three paid personal days, and a range of programs and benefits designed to support your physical, financial and social wellbeing. Plus, we offer

  • Support, coaching and feedback from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that's right for you

  • A rewards package tailored to your unique needs

About EY

As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world. Apply today.

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Advisory Senior Consultant Cybersecurity Application Security

Ernst & Young LLP

Posted 1 week ago

VIEW JOBS 9/4/2019 12:00:00 AM 2019-12-03T00:00 Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal. You'll work in high-performing teams that deliver exceptional client service, enabling organizations to grow, innovate, protect and optimize their business performance – playing your part in building a better working world. We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging. Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients. Key Responsibilities: * Work with client personnel to enhance the Software Development Life Cycle (SDLC) by adding security to remove vulnerabilities and protect business logic. Establish a security program for the SDLC, capture the client's current application architecture, lead the overall application review process, identify application vulnerabilities, propose architectural changes, design, coordinate, and implement these changes at procedural and technological levels. * Perform detailed Quality Assurance (QA) review of web-based applications, identify and validate application vulnerabilities, and perform actual remediation at architectural and source code levels. * Complete the draft and final reports and other deliverables as specified in planning documentation. Ensure project documentation is complete and archived appropriately. * Act as a subject matter resource in specific programming languages and web application environments. Propose vulnerability risk level and estimated level of remediation effort. Propose code fix or architectural strategies to remediate identified vulnerabilities. Confirm appropriateness of a proposed remediation approach or propose viable alternatives and perform the actual remediation. * Collaborate with the engagement team to plan the engagement and develop work programs, timelines, and planning documentation. Work with the team to document the business processes dependent on IT. Ensure high-quality client service by directing daily progress of fieldwork, informing supervisors of engagement status, and managing staff performance. * Demonstrate and apply a thorough understanding of complex enterprise systems. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues. Communicate appropriately with the engagement team and client management through written correspondence and verbal presentations. * Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services. To qualify, candidates must have: * Bachelor's degree and a minimum of 2 years of related work experience; or a Master's degree and approximately 1-2 years of related work experience in the fields of Computer Science, Information Systems, Engineering, Business or related major. * Experience conducting application security vulnerability assessments and attacks including creation of proof-of-concept exploits. * Experience with tools such as Fortify, AppScan, WebInspect, Burp, ZAP. * Demonstrated experience with enterprise application development in one or more of the common development platforms: Java/J2EE, .NET/C#, C/C++, PHP, Python, or Flash. * Demonstrated experience in Information Security strategic planning, architecture migration strategies or security engineering strategy. * Knowledge of networking and system-level concepts such as web application architecture, REST APIs, SOAP, jQuery, AJAX, message oriented architecture. * Demonstrated experience in key Cybersecurity domains such as identity, access management, and cryptography. * Enterprise experience with application development for mobile platforms such as iOS, or usage of mobile frameworks such as Kony or PhoneGap is a plus. * Understanding of best practice methodologies in application security including OWASP and mobile. * Understanding of development methodologies such as waterfall, agile, continuous integration. * Demonstrated experience in writing enterprise security standards, policies, coding guidelines. * Ability to examine issues both strategically and analytically. * Proficiency in the English language, including the ability to listen, understand, read, and communicate effectively both written and verbally in a professional environment. * Demonstrated characteristics of a forward thinker and self-motivator who thrives on new challenges and adapts to learning new knowledge. * Strong analytical and problem-solving skills. * A military/government background is a plus. * Prior Big 4 or other relevant consulting experiences a plus. * A strong work ethic. * Able to work collaboratively in a team environment. * A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated 80% travel required. * The successful candidate must hold or be willing to pursue related professional certifications such as the CISSP, Open Group Certified Architect, or CEH certification. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. Ernst & Young LLP Iselin NJ

Advisory Senior Consultant Cybersecurity Identity & Access Management

Ernst & Young LLP