Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business.
You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cyber-crime
You’ll work in high-performing teams that deliver exceptional client service, enabling organizations to grow, innovate, protect and optimize their business performance – playing your part in building a better working world.
About the Opportunity:
As a cybersecurity professional in EY Singapore, you will have the chance to work in engagement teams serving our clients in providing independent assessments or implementation of cyber solutions. You will belong to an international connected team of specialists helping our clients with their most complex cybersecurity needs and contributing toward their business resilience.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment.
So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Whether you’re in Core Cybersecurity, Operational Technology, Attack and Penetration, Digital Governance, Solution and Architecture or DevSecOps and Cloud Security, we’ll support you to develop the skills, knowledge and experience to succeed.
What You Will Do
On a typical day, you will work with your project team and the client to execute engagements which help the client to measure the effectiveness of its cybersecurity programs, assess the cybersecurity risk of a client; evaluate the maturity of a security program, test the effectiveness of cyber controls, assist the client in complying with the various cyber policies and regulations, and help implement new cyber control processes and tools to perform more effective cyber risk management.
An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. We will look to you to stay abreast of current cyber regulations and industry practices, as well as display teamwork and integrity to support and value the team’s contributions, which fosters innovation.
The Operation Technology Team provides cybersecurity services to clients who run operational technology environments and/or critical information infrastructures.
As an OT Cybersecurity Consultant, you will be part of an elite and dynamic team performing a myriad of cybersecurity services to help the clients identify any vulnerabilities or weaknesses, design and implement processes and solutions for the clients to better protect their systems, monitor and detect any cybersecurity attacks, respond to and recover from these attacks. Examples of such services are risk assessments, gap assessments and analysis, cybersecurity compliance audits, vulnerability assessments, penetration tests, cyber incident simulation exercises etc.
Attack and Penetration - A&P:
Our A&P services provide technical cyber assessments that aim to assist clients gain insight and context to their cyber threats and assessing, improving, and building security operations in order to mitigate these threats.
As an A&P team member, you will be responsible for performing web application/mobile penetration testing, network penetration testing, source code review and red team assessment. You will also be involved in conducting social engineering exercises and respond to incidents for clients suffering from security breach/cyberattack.
As a Digital Governance (DG) professional, you will participate in technology engagements, with a focus in the implementation of Governance Risk and Compliance (GRC) solutions to provide technology enablement of clients’ risk-related processes. You will also be participating in configuring/ designing insightful risk and compliance dashboards for senior management to enable them to take informed and timely decisions.
Solution and Architecture:
Being part of the Solution and Architecture team means you will be involved to analyze the client’s cybersecurity requirements, design a suitable solution, test that the solution is built to specifications, deploy the solution to the client’s live environment and then continuously enhance and optimize the solution to improve the client’s cybersecurity posture.
You will have the opportunity to learn, evaluate and deploy state of the art technology to protect, detect and respond to threats. You can become the cybersecurity architect in the domain you choose.
DevSecOps and Cloud Security:
The DevSecOps and Cloud Security team mainly focusses on application and platform security and provides services to both EY teams in large transformation projects and to external clients. The team focusses on people, processes and technology, including change management, building DevSecOps strategies and operating models, developing processes for enabling DevSecOps and Cloud security as well as technical implementation and testing covering CASB, Container Security, SAST, DAST and Software Composition Analysis.
As a DevSecOps member you may be running assessments within our operations to help developers secure their applications or assist with implementation of the tools and integration within the CI/CD pipelines. In addition, you will also assist oversee security governance within the large transformation projects EY does, where we assist ensuring the systems, we develop for our clients are secure and tested.
Your Key Responsibilities:
This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, advising stakeholders, providing workshops and supporting business development. If you’re flexible and ready to adapt to a constantly changing environment, there’s no better place to develop your skills. Since you’ll be working directly with clients, some travel will be required.
- Perform cybersecurity assessments for clients (e.g. risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.).
- Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.
- Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls.
Required Skills and Abilities
- Degree in Computer Science, Computer Engineering, Information Technology or equivalent.
- Strong interest in the field of information security.
- Drive high-quality work products within expected timeframes and on budget.
- Demonstrate deep technical capabilities and professional knowledge.
- Stay abreast of current business and industry trends relevant to the client's business.
- Develop and maintain long-term relationships and networks with clients and internal EY stakeholders.
- Consistently deliver quality client services and manage expectations of client service delivery.
- Knowledge in security controls, penetration testing, programming, networks and operating systems would be an added advantage.
- Creative, independent with good problem-solving skills.
- Strong analytical skills.
- Strong interpersonal, communication and writing skills.
- Willingness to travel on overseas assignment as the need arises.
What We Look For:
Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident leader equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization.
- Job type:Graduate Jobs
Computer Science, Information Technology
- Closing Date:9th Sep 2020, 6:00 pm