Manager -Tech Risk Transformation
EY
- Thiruvananthapuram, Kerala
- Permanent
- Full-time
- Contribute in assessing and implementing security and risk standards including ISO 27001, NIST, ITIL, COBIT
- Conduct Information Security Risk Assessment against leading practice frameworks and common standards. Possess systems security skills in assessment, management and reporting.
- Assist client in managing and transforming their Information Security Programs.
- Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments.
- Advise clients on the IT security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems based on the current state assessment of their security environment
- Lead or commission suitable cybersecurity awareness, training and educational activities
- Lead or commission cybersecurity risk assessments and controls selection activities
- Your role will broadly constitute 80% engagement delivery and 20% business development.
- Knowledge in information security and 8 to 10 years of hands-on experience with key components of cybersecurity consulting:
- Experience in working independently or as part of a large team to delivery Cyber services on its own or within large complex projects.
- Practical experience with conducting risk assessments and testing of controls
- Excellent analytical skills and knowledge of data analytics methods
- Possession of the CISA, ISO 27001 LA/LI certification or equivalent
- Demonstrated leadership abilities
- Performed information security implementation
- Expertise in ISO 27001 and sub-standards
- Good understanding of leading cyber resilience frameworks
- Managed different kinds of continuity exercises and tests
- Conducted cyber-attack simulation exercises
- Ability to review the IT infrastructure and network architecture
- Should be able to drive top management meetings
- Ability to guide team to execute project with top quality
- Mentor and guide team
- Ability to conduct training for audience ranging from end user to top management
- Manage project and ensure quality of deliverables
- Able to conduct continuity review and audits
- Must have flair in understanding new technologies
- Excellent interpersonal, written, verbal, communication, and presentation skills
- Excellent command in written and spoken English
- Experience in managing professional service project teams
- A bachelor's or master's degree B.E/B.Tech/M.Tech
- 8-10 years of experience in cyber strategy and knowledge in Information security
- Certifications ISO 27001/ISO 22301/CISA/CISSP/CRISC
- Excellent communication skills with consulting experience preferred
- Willingness to travel and work from Middle East client locations and in particular Saudi Arabia
- Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact.
- Transformative leadership: We'll give you the insights, coaching and confidence to be the leader
- Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.