UKI TC Cloud Security Architect - Manager

at  EY

EXPERIENCE AND ATTRIBUTES FOR SUCCESS:

Experience:

• 5-7 years’ experience working in cyber security technical roles advising on security controls design, implementation and testing on across various sectors.
• Experience with audits of compliance frameworks such as PCI, ISO, or HIPAA.
• Experience in ‘Big 4’ or similar consultancy experience in the Irish market.
• Track record in supporting the delivery of a broad range of cyber security controls and projects in an Enterprise environment.
• Government, Transport, Financial sector experience desirable.
• Driven cyber security professional with a passion for information security and securing client infrastructures.
• Strong analytical skills to solve technical issues and flexibility in handling multiple issues at once.

QUALIFICATIONS:

• Undergraduate or masters’ degree preferably in one of the following areas: Information Security, Cyber Security, Cloud Computing, Information Systems, Computer Science, Engineering, and/or other equivalent industry certification.
• Industry-related certification preferred (e.g. CISSP, CISM, SANS, SABSA, TOGAF).
• Cloud Security (Azure AZ900, AZ500 and AWS Security an advantage).

YOUR KEY RESPONSIBILITIES

Your role will be as a security architect to assist in security architecture design reviews through the lifecycle complex projects across a wide selection of technologies and platforms for our client’s digital solutions. You will secure enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.
You will belong to an internationally connected team of specialists helping clients with their most complex cybersecurity needs and contributing toward their security posture and business resilience.
The successful candidate will have a highly technical information security background and will be well versed in cloud security technologies, standards and best practices. Preference will be given to any candidate who has experience in securing cloud environments with strong network and hybrid cloud/on-prem experience. This person will also possess strong organisation and communication skills and the ability to work independently or in a highly collaborative environment.

KNOWLEDGE AND SKILLS FOR THE ROLE INCLUDE

• Ability to take on responsibility for project security review reports and to follow these through to completion including liaising with security and project stakeholders and offer robust security posture advice and ensuring formal security approval of ‘go live’ scenarios.
• Ability to independently lead and support remote teams in performing complex architecture reviews in a variety of environments, liaising with several teams across different client sites.
• Expert-level security knowledge in technical.
• Understanding and experience designing and implementing enterprise security and solution security architectures for large organisations leveraging frameworks such as SABSA and TOGAF.
• Implementation of cybersecurity controls using industry-leading practices such as NIST CSF, NIST 800-53, OWASP, Centre for Internet Security (CIS), ISO 27001, COBIT etc.
• Experience in maintaining compliance with regulations and standards such as NISD, GDPR, PCI-DSS etc in executing security architecture design reviews and advice, in addition to audit requirements and exacting reporting formats.
• Experience in security vulnerability identification, application security remediation and threat modelling approaches such as cyber kill chain, STRIDE, exposure analysis etc.
• An in-depth awareness and understanding of the cyber and business risks associated with the threat and vulnerability and penetration testing domain.
• Requirement to stay up-to-date on current security threats, trends and control solutions.
• Experience in preparing system security reports by collecting, analysing, and summarizing data and trends for project and operational and project governance reporting.
• A consultative manner and customer facing skills with the ability to communicate with stakeholders at all levels and advise on best practices in the security domain.
• Excellent communication and stakeholder management skills and ability to negotiate and manage expectations with business as well as technology stakeholders.