Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Enterprise Information Security Architect/Consultant

Expired Job

Ernst & Young LLP Alpharetta , GA 30023

Posted 4 months ago

Join our Core BusinessServices (CBS) team and you will help support the important business enablementfunctions that keep our organization running strong. As a CBS professional, youwill work across teams to provide the knowledge, resources and tools that helpEY deliver exceptional quality service to our clients, win in the marketplaceand support EY's growth and profitability. Major teams within CBS include

Finance, Information Technology, Human Resources, Enterprise Support Services,Brand Marketing and Communications, Business Development, Knowledge and RiskManagement.

With so many offerings,you have the opportunity to develop your career through a broad scope ofengagements, mentoring and formal learning. That's how we develop outstandingleaders who team to deliver on our promises to all of our stakeholders, and inso doing, play a critical role in building a better working world for ourpeople, for our clients and for our communities. Sound interesting? Well thisis just the beginning. Because whenever you join, however long you stay, theexceptional EY experience lasts a lifetime.

Job Summary

As an Information Security Consultant, theindividual will provide security guidance to internal IT project teamsresponsible for delivering business solutions, with focus on Office 365. TheInformation Security Consultant will identify and prioritize security-relatedrequirements, promote secure-by-default designs and ensure information systemsand infrastructure will be secured throughout system development life cycle(SDLC).

Key Responsibilities

The Information Security Consultant will alsobe expected to perform risk assessments of information systems andinfrastructure, develop appropriate risk treatment and mitigation options, andeffectively articulate findings and recommendations to IT project teams andmanagement. The successful candidate must have solid background of securitydevices and controls used in the infrastructure. The Information Security Specialist will beexpected to work on multiple projects and tasks concurrently.

Knowledge, Skills, and Experience Requirements

  • A minimum of 8-10 years of experience in anInformation Security or Information Technology discipline

  • A good understanding of hosting criticalworkloads in cloud platforms, including Amazon AWS, Microsoft Azure, Office 365.

  • Specific experience in Exchange Online,Exchange On-Prem and other O365 services / deployments and the challenges withsecurity.

  • Experience in defining security for PaaSand IaaS implementations; Such as system configuration, policy, tenant policyrestrictions, access control, authentication (including federation), data atrest, and data in transit security.

  • A thorough understanding of the OWASP Top10 vulnerabilities, risk and impact such as Injection, Broken Authenticationand Session Management, XSS, CSRF, Security misconfiguration and others.

  • Knowledgeable with Vulnerability scanningand Penetration testing methodology

  • Working experience in performing securityassessments of applications.

  • Experience defining security controlrequirements related to IT infrastructure and multi-tier information systems.

  • Develop appropriate risk treatment andmitigation options to address security risks identified during security reviewor assessments

  • Knowledge of common information securitystandards and risk methodologies, such as: ISO 27001/27002, NIST, PCI DSS,ITIL, COBIT

  • Ability to document business and technicalrequirements, reports, Minimum Security Baselines and presentations.

  • Translate technical vulnerabilities intobusiness risk terminology for business units and recommend corrective actionsto customers and project stake-holders

  • Ability to team well with others tofacilitate and enhance the understanding & compliance to security policies

  • Excellent interpersonal, communication,organizational, and project management skills

  • Flexibility to adjust to multiple demands, shifting priorities,ambiguity, and rapid change

Qualifications, Certifications, and EducationRequirements

  • Bachelor's degree in Computer Science or arelated discipline, or equivalent work experience

  • Candidates are preferred to hold or be actively pursuing relatedsecurity professional certifications such as CISSP, CISM or CISA

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Enterprise Cloud Security Consultant

Change Healthcare

Posted 1 week ago

VIEW JOBS 11/1/2018 8:47:10 PM 2019-01-30T20:47 <p>Responsibilities include, but are not limited to:</p> <p> </p> <ul> <li>Provide Advisement & Consulting services to non-Security groups across the enterprise; review and assess solution proposals, identify and communicate necessary security controls to ensure the enterprise data, processes and brand are secure while enabling our Business; identify alternative solutions and mitigating controls when necessary</li> <li>Serve as a security SME for high visibility cloud and non-cloud computing initiatives</li> <li>Design and document a cloud security strategy to ensure a consistent cloud security framework.</li> <li>Develop cloud and non-cloud security policies & standards, based on sound enterprise architecture practices</li> <li>Participate in or drive projects to evaluate public and private cloud services/technologies as well as non-cloud solutions to meet business objectives</li> <li>Create security reference architectures for the public, private, and hybrid cloud initiatives</li> <li>Analyze and design cloud and non-cloud application deployments and migration strategy and processes</li> <li>Liaise with other security architects and security practitioners to share cloud and non-cloud computing best practices and insights</li> <li>M&A due diligence</li> <li>Vendor solution evaluation</li> <li>Mentor and educates less experienced staff</li> <li>Maintain current technical security knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks and performing research</li> </ul> <p>This position requires 7+ years experience with the following:</p> <ul> <li>Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF</li> <li>Experience in using container architecture such as Docker, Kubernetes, etc.</li> <li>Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems - Windows, Unix and Linux, Hypervisors, IP networks - WAN and LAN, Storage networks - Fibre Channel, iSCSI and NAS, Backup networks and media</li> </ul> <ul> <li>Direct experience designing IAM technologies and services: <ul> <li>Active Directory</li> <li>Lightweight Directory Access Protocol (LDAP)</li> <li>Amazon Web Service (AWS) IAM</li> </ul> </li> <li>Strong working knowledge of IT service management (e.g., ITIL-related disciplines): <ul> <li>Change management</li> <li>Configuration management</li> <li>Asset management</li> <li>Incident management</li> <li>Problem management</li> </ul> </li> </ul> <p>Additional Requirements:</p> <ul> <li>Education: Bachelors or master's degree in computer science, information systems, cybersecurity, or a related field</li> <li>Must be cloud certified in any of the following, AWS Cloud, GCP Cloud, SANS, ISC2 etc.. </li> </ul> Change Healthcare Alpharetta GA

Enterprise Information Security Architect/Consultant

Expired Job

Ernst & Young LLP