Consulting - FSO Cyber Security – Consultant

Job Description :

 
Consulting - FSO Cyber Security – Consultant 
Excellent career opportunity with Ernst & Young: 
Ernst & Young is one of the leading global professional services organizations with 167,000 staff around the world. We are proud of our people culture which we believe sets us apart in the profession. Ernst & Young helps you achieve your best by providing great learning and career growth opportunities, by offering ways to help you achieve satisfaction in work and life, and by looking at each decision with a keen eye toward how it will affect you. 
Job summary: 
Cyber Security's engagements focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. Engagements may be either assurance (attestation) and/or risk advisory in nature, and vary considerably in and complexity. In addition to assurance-related engagements such as financial attestation and SAS 70 engagements, our IT risk advisory services also focus on IT governance and effectiveness, IT program management and assurance, security and controls of ERP implementations, and business intelligence and information analysis. 
Responsibilities: 
 
Collaborate with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments, and other planning documents. Work with the engagement team to document the business processes dependent on information technology. Serve as a fieldwork leader by directing the daily progress of fieldwork, informing supervisors of engagement status, and managing staff performance; 
 
Demonstrate and apply a thorough understanding of complex information systems. Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations; 
 
Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services; 
 
Demonstrate expert ability to identify and analyze business and user requirements, develop, present and demonstrate professional solutions to prospective customers based on detailed customer requirements; 
 
Prepare and conduct proposal presentations, demonstrations and participate in marketing and promotional activities (workshop, seminar, training and speech etc.); 
 
Perform planned and ad-hoc security reviews to ensure compliance with existing policies; 
 
Lead team to provide information security advisory services on risks and security best practice.
 
 
 
 
Requirements: 
 
University graduates in Information Systems / Computer Science and Accounting 
 
A minimum of2~3years of relevant experience with reputable international accounting firms; or experience in IT operations, holding ITIL and/or ISO20000 certificate; or experience in initiating, maintaining and monitoring information security policies, processes and procedures in enterprise according to ISO 17799/27701 and conducting information security risk assessment and treatment programs. 
 
IT audit experience on general controls review, application controlsreview and data analysis using audit commands language
 
Ability to review ERP systems (e.g. SAP and Oracle Financials) is anadvantage
 
Good skill set in Banks & Insurances & business, system integration, project management, or cloud computing;
 
IT 咨询： IT 规划（网络，基础架构，数æ®å’Œåº”用规划）， IT æµç¨‹ç®¡ç† （IT管ç†ä½“系， ITIL）
 
IT风险： IT风险管ç†ï¼Œ ä¿¡æ¯å®‰å…¨ （安全规划，安全技术， æ•°æ®å®‰å…¨ï¼Œ 应用和网络安全，云安全等）
 
业务安全/渗é€æµ‹è¯•/银行è¯åˆ¸ä¿é™©ç±»åž‹ç½‘站安全/安全产å“，(WAF/TD)日志åšå…¨é¢åˆ†æž/应急å“应/Data Security/Cloud Security/penetration testing/vulnerability management/incident response/jave, python, docker/OWASP10
 
 
安全测试类 Application security Penetration test Vulnerability scan CEH CISSP  
安全产å“ç±» Sales Engineer （售å‰ï¼‰ Data loss prevention (DLP) IAM SIEM Security operation center (SOC) Incident response  
ç­‰ä¿ç›¸å…³ 
 
具有等级ä¿æŠ¤å’¨è¯¢åŠæµ‹è¯„ç»éªŒçš„
 
3到5年以上相关工作ç»éªŒè€…
 
 
安全è¿è¥ç›¸å…³ 
 
具有3到5年以上信æ¯å®‰å…¨è¿è¥ï¼ˆå®‰å…¨ç›‘控，安全事件å“应，安全事件分æžç­‰ï¼‰ç»éªŒ
 
熟悉主æµSOC，SIEMå¹³å°åŒ…å«Splunk，LogRhythm, McAfee, ArcSightç­‰
 
具有设计实施SOCåŠç›¸å…³è€…优先
 

Read Less