Security Consultant

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

You are seeking a position that allows you to demonstrate your information security skills, experience and ability to solve complex problems. This position is an opportunity to embed information security in a strategic investment by the EY Tax practice that is intended to enable innovation and disruptive new services:

• This position is a leading and consulting role in designing, developing and implementing all aspects of security for complex global applications based on Microsoft Azure technology and generally the Microsoft technology stack.
• The role is an individual contributor capable of supporting multiple project teams, not a program management or oversight role.
• Participate in the design, implementation and certification of security controls across multiple projects/applications.
• Apply knowledge of IT system architecture and Cloud technology, plus supporting technologies such as IAM, network security, firewalls, user account management, audit and logging.
• Address security concepts per ISO27001, OWASP and related standards; consider 3rd party security assessments and SOC1/SOC2 concepts and vendor risk management.
• Work remotely and leverage EY collaboration tools (Teams, SharePoint, AzureDevOps).

• Significant working security experience in design, implementation and operation of security controls in one or more areas: Agile & DevOps, Application Security, Security scanning tools, Cloud Security, Infrastructure Security, Identity and Access Management.
• Agile & DevOps – contributing member of an Agile development or DevOps team.
• Application Security – design of security controls for multi-tier solutions, data tenancy/isolation, encryption, logging; familiarity with REST API and microservices.
• Security scanning tools – experience with SAST/DAST, network sniffers; coordinate with internal pen testing to address findings.
• Cloud Security – virtualization, cloud infrastructure, and security in Azure, GCP, AWS and other vendors.
• Infrastructure Security – IAM integration, intrusion detection/prevention, monitoring, data encryption.
• Identity and Access Management – AD-based IAM and authorization design, IDaaS and Federation.

• 5 years of experience in implementing and advising on security configurations across complex IT architectures, including cloud and on-premises solutions.
• In-depth knowledge of IT architecture concepts, cloud technologies, IAM, network security, firewalls, auditing, hardening, and ISO27001/OWASP standards.
• Proficiency in interpreting security reports (SAST/DAST) and advising on corrections and security measures.
• Knowledge of GRC tools to work with Compliance on remediation plans.
• A degree in Computer Science or related field.
• Security certifications.
• Excellent communication skills and ability to collaborate with developers, architects, business leaders and clients.

• Operational Security – experience defining operational models and procedures for securing solutions.
• Information Security Standards – knowledge of ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls.
• Cloud security certifications such as AZ-300, CISSP, or related certifications.
• Product Management – experience working with broader teams from concept to design to implementation and ongoing support.

We are looking for individuals with a passion for information security and the ability to apply knowledge to new and emerging technologies supporting EY’s growth strategy.

• We offer a comprehensive compensation and benefits package with base salaries and a Total Rewards package that includes medical and dental coverage, pension and 401(k) plans and paid time off options. The base salary ranges in the US are provided for transparency and vary by geography.
• Hybrid work model: most external client-serving roles are expected to be in person 40-60% of the time.
• Flexible vacation policy and designated holidays, with accommodations for personal, family, and well-being needs.

Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis.

For those living in California, please click here for additional information.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.

EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com.