As a security consultant, you will primarily perform certification audits for security and privacy-related controls for EY's clients. This involves conducting comprehensive assessments of organizational information security management systems, evaluating controls, policies, and procedures against international standards like ISO 27001 and ISO 27701. You will work closely with clients to help them demonstrate compliance with cybersecurity and privacy regulations.
The ideal candidate will have a minimum of 3 years of IT auditing experience with advanced knowledge of IT general controls, including security, change management, disaster recovery, and infrastructure. Strong understanding of industry standards such as ISO, ITIL, NIST, and SANS is crucial. Candidates must be able to critically review security policies, design implementation strategies, and possess excellent problem-solving skills with the ability to collaborate across multiple locations.
EY offers a comprehensive compensation package including competitive salary, flexible working arrangements, home office setup support, laptop and smartphone provisions, 25 vacation days, training and education opportunities, and mobility options. The role provides international travel opportunities (30-60%), professional development, and the chance to work with a global team in a dynamic cybersecurity environment.
