Associate - Technology Consulting, Cybersecurity

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.

Join EY and help to build a better working world.

Are you ready to shape the future with confidence?

The Opportunity:

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures.

As a cybersecurity professional in EY Singapore, you will have the chance to work with an international connected team of specialists in serving our clients through providing independent assessments or implementation of cyber solutions that contributes toward their business resilience.

Your Key Responsibilities:

Core Cybersecurity

You will work with your project team and the client to execute engagements which help the client to measure the effectiveness of its cybersecurity programs, assess the cybersecurity risk of a client; evaluate the maturity of a security program, test the effectiveness of cyber controls, assist the client in complying with the various cyber policies and regulations, and help implement new cyber control processes and tools to perform more effective cyber risk management.

Operational Technology (OT)

The Operation Technology Team provides cybersecurity services to clients who run operational technology environments and/or critical information infrastructures.

As an OT Cybersecurity Consultant, you will be part of an elite and dynamic team performing a myriad of cybersecurity services to help the clients identify any vulnerabilities or weaknesses, design and implement processes and solutions for the clients to better protect their systems, monitor and detect any cybersecurity attacks, respond to and recover from these attacks.

Offensive Security (Off Sec)

Our Off Sec services provide technical cyber assessments that aim to assist clients gain insight and context to their cyber threats and assessing, improving, and building security operations in order to mitigate these threats.

As an Off Sec team member, you will be responsible for performing web application/mobile penetration testing, network penetration testing, source code review and red team assessment. You will also be involved in conducting social engineering exercises.

Solution and Architecture (SA)

As a member of Solution and Architecture team, you will be involved in analyzing the client’s cybersecurity requirements, design a suitable solution, test that the solution is built to specifications, deploy the solution to the client’s live environment and continuously enhance and optimize the solution to improve the client’s cybersecurity posture. You can become the cybersecurity architect in the domain you choose.

Internally within EY, we have a well-established Technology Career Framework that aims to assist individuals to pursue their dreams and align themselves to the opportunities and roles within the Cybersecurity & Privacy Discipline:

Cybersecurity Tester

Conducts tests simulating cyber-attacks to find exploitable weaknesses and define remediation plans; simulates a threat actor attempting to gain unauthorized physical or logical access to an environment. Identifies security vulnerabilities during software development lifecycle to ensure security by design and default. Develops and executes cybersecurity test plans, ensuring test quality and managing resource planning and the resolution of issues that may impede the test effort.

Cybersecurity Assurance Professional

Provides security assessments related to network, infrastructure and application risks and vulnerabilities. Audits, assesses and advises on privacy frameworks, security policies, processes and governance for conformance against security standards, industry practices and regulatory obligations. Conducts information risk assessments (e.g., Crown Jewel identification and Risk Classification) and proposes appropriate mitigation strategies.

Cybersecurity Response & Investigations Professional

Addresses new and emerging threats that are either pro-actively detected by internal teams or external sources such as law enforcement, government agencies or other organizations. Conducts root cause analysis of any vulnerabilities as well as full-blown cyber breach/incident investigation using cutting-edge digital forensics toolkits, makes recommendations for future mitigation strategies and collates information and forensic artefacts for use in compliance and law enforcement activities.

Cybersecurity Architect

Designs security architecture to address business requirements; defines the security infrastructure for the design and integration of new and existing systems (hardware, software, connectivity, and messaging). Acts as an intermediary between the business and technical community to understand business requirements, define the security architecture required and support the development and engineering teams with implementation.

Cybersecurity Engineer

Designs, develops, and delivers cybersecurity solutions, tools and processes through system development and integration; designs security infrastructure systems for monitoring, investigating and protecting sensitive data and systems from intrusions, compromise and security breaches. Collaborates with other departments across the business to ensure cybersecurity designs meet the security, business and technical requirements.

Cybersecurity Strategist

Leads cyber transformations to enhance the organization's security posture. Identifies opportunities to improve organizational cybersecurity strategy, policy and governance. Performs current state security assessments and supports target operating model definition. Manages discussions and proposes approaches in aligning cybersecurity initiatives to strategic business objectives.

Cybersecurity Operations Professional

Monitors and protects sensitive data and systems from intrusions and security breaches. Identifies, prioritizes and responds to security threats with appropriate containment approaches and develops, executes and continuously improves operational protocols and processes. Evaluates, utilizes, deploys and matures security controls used in cyber defense across an enterprise, and conducts normal operational maintenance of security systems.

Skills and Attributes for Success:

• Degree in Computer Science, Computer Engineering, Information Technology or equivalent
• Knowledge in security controls, penetration testing, programming, networks and operating systems would be an added advantage
• Willingness to travel on overseas assignment as the need arises

Note:

• You are required to upload your latest resume and academic transcripts together with your online application.
• We regret to inform that only shortlisted candidates will be contacted.

To learn more about careers in EY, please visit Careers at EY or connect with us on social media (Facebook or Instagram ) to hear from our people about their EY careers.

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.