Job Description
Senior Security Architect – Tech Consulting- Manager/ SM General Information Location: Dublin Available for Work Visa Sponsorship: NO Business Area: Cyber Security Contract Type: Full-Time – Permanent EY’s Cyber Security practice is one of the fastest growing areas of the business with an immediate requirement for a senior security architect. As part of our Cyber team you will be providing advisory and technical support to help our clients improve their cyber security posture to respond to the dynamic Cyber Security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build, deploy and test pragmatic security solutions that will give real and tangible benefits and security enhancement. The opportunity You will be a core member of a highly skilled and rapidly growing team of Technical Security specialists. As a member of the team, you will have the opportunity to grow your career in leading the delivery of security architecture and design solutions with a significant opportunity for leadership experience and career progression. Your Key Responsibilities Assist in establishing a target operating model for the security architecture function, defining requirements to establish a team to deliver security architecture design reviews through the lifecycle of complex global projects across a wide selection of technologies and platforms for our client’s IT and OT environments. Define and establish a team to secure enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Belong to an internationally connected team of specialists helping clients with their most complex cybersecurity needs and contributing toward their security posture and business resilience. Provide security architecture expertise and lead security architecture design reviews. The successful candidate will have a highly technical information security background and will be well versed in cloud security technologies, standards and best practices. Preference will be given to any candidate who has experience in securing manufacturing/OT environments globally. This person will also possess strong organisation and communication skills and the ability to work independently or in collaboration. An understanding of Enterprise, IT and Cyber Risk management will be a key advantage for this role. Knowledge and Skills for the role include Establish a Security Design Architecture function and Target Operating Model. Develop security architecture charter including governance structure, roles and responsibilities. Identify and document required processes for management of security architecture activities. Identify required changes to current processes and practices (e.g. change management) to include future security architecture oversight. Establish skills and training requirements for security architecture function, including roles and responsibilities and likely headcount requirements. Support the design of the Cyber Risk Management function. Adopt industry framework for cyber risk management (e.g. ISO27001 and NIST 800-30). Develop risk register and taxonomies, formalise risk profiling, rating and scoring metrics and ensure consistency with existing organisation risk definitions. Develop risk intelligence plan including assessment criteria, process, questionnaire, etc. Define skills and training requirements for risk management personnel, including roles and responsibilities and likely headcount requirements. Take responsibility for project security review reports and follow these through to completion including liaising with security and project stakeholders and offering robust security posture advice and ensuring formal security approval of ‘go live’ scenarios. Independently lead and support remote teams in performing complex architecture reviews in a variety of environments, liaising with several teams across different client sites. Expert-level security knowledge in technical IT and OT domains - operating systems, networks, databases, mobile, cloud, SCADA, PLC understanding an advantage. Understanding and experience designing and implementing enterprise security and solution security architectures for large organisations leveraging frameworks such as SABSA and TOGAF. Implementation of cybersecurity controls using industry-leading practices such as NIST CSF, NIST 800-53, OWASP, Centre for Internet Security (CIS), ISO 27001, COBIT etc. Experience in maintaining compliance with regulations and standards such as NISD, GDPR, PCI-DSS etc in executing security architecture design reviews and advice, in addition to audit requirements and exacting reporting formats. Experience in security vulnerability identification, application security remediation and threat modelling approaches such as cyber kill chain, STRIDE, exposure analysis etc. An in-depth awareness and understanding of the cyber and business risks associated with the threat and vulnerability and penetration testing domain. Stay up-to-date on current security threats, trends and control solutions. Prepare system security reports by collecting, analysing, and summarizing data and trends for project and operational and project governance reporting. A consultative manner and customer facing skills with the ability to communicate with stakeholders at all levels and advise on best practices in the security domain. Excellent communication and stakeholder management skills and ability to negotiate and manage expectations with business as well as technology stakeholders. Experience and attributes for success: 5-10 years' experience working in cyber security technical roles advising on security controls design, implementation and testing across various sectors. Experience in ‘Big 4’ or similar consultancy experience in the Irish market. Track record in supporting the delivery of a broad range of cyber security controls and projects in an Enterprise environment. Manufacturing, Government, Transport, Financial sector experience desirable. Driven cyber security professional with a passion for information security and securing client infrastructures. Strong analytical skills to solve technical issues and flexibility in handling multiple issues at once. Qualifications: Undergraduate or masters’ degree preferably in one of the following areas: Information Security, Cyber Security, Cloud Computing, Information Systems, Computer Science, Engineering, and/or other equivalent industry certification. Industry-related certification preferred (e.g. CISSP, CISM, SANS, SABSA, TOGAF). IEC 62443 certification / experience an advantage. What working at EY offers We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development. Support and coaching from some of the most engaging colleagues around. Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that’s right for you. All our employees are given a benefits package which they can tailor to suit their individual preferences. Our range of benefits include: Pension Maternity & Paternity leave Discounted health insurance Hybrid Working Free Gym membership Recognition Awards Cash incentives for referrals Travel Pass Web Doctor - Free unlimited online GP consultations for you and your family. TECH MBA paid by EY. Work Mobile Wellness rooms Available in some offices. EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. Career Progression When you join EY, you will be supported to ensure that you are enhancing your skills from day one. Continuous learning, where you can develop the mindset and skills to navigate whatever comes next. As you grow and develop here, you’ll discover opportunities to help customise your career journey. Transformative leadership, we will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture, you will be embraced for who you are and empowered to use your voice to help others find theirs. We have embraced Hybrid working at EY adding greater flexibility and autonomy to the roles of our employees. About EY As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. Inclusion & Diversity We hold a collective commitment to foster an environment where all differences are valued and respected, practices are equitable and everyone experiences a sense of belonging. We recognise the strength that comes from having a diverse workforce and building a culture where we support all our people to achieve their potential. As an equal opportunities’ employer, we welcome applications from people of all backgrounds. Join us in building a better working world. That’s Why, EY. Apply now. IMPORTANT: Where Agency assistance is required, our Talent Team will engage directly with suppliers. CVs / Profiles should not be shared directly with Hiring Managers. #J-18808-Ljbffr