EY is a global professional services organization providing advisory, assurance, tax and transaction services. We are committed to doing our part in building a better working world for our people, our clients and our communities. And we are united by our shared values and a dedication to delivering exceptional client service.
At EY we support you in achieving your unique potential — both personally and professionally. We give you stretching and rewarding experiences that keep you motivated, working in an atmosphere of integrity and teaming with some of the world’s most successful companies. And while we encourage you to take personal responsibility for your career, we support you in your professional development in every way we can. You enjoy the flexibility to devote time to what matters to you, in your business and personal lives. At EY you can be who you are and express your point of view, energy and enthusiasm, wherever you are in the world. It’s how you make a difference.
EY Advisory operates as the most globally integrated firm across all our geographical areas. Through our industry-focused approach and worldwide reach, we help clients manage risk, improve performance and sustain the results.
Our Commercial advisory department focuses on clients across different industries, such as Telecom, Media, Technology and Manufacturing etc. to provide Advisory services in the areas of Digital Strategy and Innovation, Performance improvement, Risk and IT to commercial organizations in Luxembourg and in EMEIA.
In order to support the growth of our Advisory Department,we are currently looking to recruit:
Cyber Security Senior Consultant (m/f)
Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As a cybersecurity specialist, you will guide our clients to strengthen their cyber defences. At EY, you will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. In simple terms, you know how to use your deep technical experience and apply that to a business where we need to battle risk and agility.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
EY consultants are considered by our clients as experts and trusted in what they do. Our cyber security teams focus on providing our core services which include:
- Analyse client IT environment, identify risks and evaluate controls, including cloud security aspects
- Assess and implement information security management frameworks based on well-known industry standards (e.g. ISO27k, CCM, NIST, COBIT)
- Develop client Information Security strategy plans in alignment with business requirements using risk based approach
- Perform information security awareness training and training program development for clients
- Manage client expectations and program implementation plans attending stakeholders' needs using project management principles
- Keep up-to-date with the latest security trends and also applicable privacy laws that could have an impact on clients
- Act as enabler with clients that desire to move towards compliance status, especially under controls and requirements from the new general data protection regulation
You are a risk practitioner at heart and have a general cyber background, having worked in the industry for at least 3 years ideally where you have performed risk assessment, cyber control reviews, compliance audits, and obtained an understanding of penetration testing, Security Operations, SIEM or other security areas.
Ideally, you will have experience with a globally recognised professional services firm or large corporations with industry experience in four or more of the following areas:
- Experience in assessing an implementing security and risk standards using ISO 27k, PCI DSS, NIST, ITIL, COBIT, CCM
- Systems security skills in assessment, design, architecture, management and reporting
- Application control and security implementation, program and project delivery design, architecture and solution design, including security controls and architecture design
- Mandatorily handle at least one of the Information Security recognized market certifications (e.g. CISM, CISSP, CRISC, CISA)
You will hold ideally a bachelor or equivalent certification in computer science, information systems or any other related major.
Your are fluent in English. French and/or German would be preferred with any other language being and advantage.