In an increasingly connected world, where cyber-attacks are ever so present, financial institutions (banks, insurers, asset managers) face a growing need to address these risks by implementing controls which are embedded throughout the business and aligned with the strategy.
This approach builds trust and ensures that both the financial services companies’, as well as their clients’ sensitive information and financial assets, are properly protected.
In order to respond to the specific needs of the financial sector, we are strengthening our team and we have opportunities for information security consultants who:
- have relevant experience in information security governance and risk management
- wish to share their passion for Information Security
- are eager to work on diverse projects in banking, insurance or asset management companies.
As an Information Security consultant at EY, you will :
- Join a team of more than 40 consultants, and act as a subject matter expert
- Focus on information security risk management and information security governance
- Translate technical cyber & information security requirements into business actions
- Create, preserve and apply security governance frameworks for our clients
- Work with different, potentially conflicting requirements (legal, regulatory, industry standards, group’s strategy) to distill realistic security requirements supporting the business strategy
- In a typical project you will work within the information security team, and your job scope will include:
- creating and maintaining an appropriate information security governance and management framework
- advising on, and designing the security team's roadmap
- developing and implementing awareness programs
- translating technical risks into business risks, and aligning information security objectives with business objectives
- providing follow up on IT security efforts, advising on strategic and tactical solutions
- linking information security incidents to known (and unknown) weaknesses.
What are we looking for:
- A particular interest in information security and managing cyber risks
- Relevant professional experience (2 – 8 years), ideally with solid exposure to consulting
- An excellent knowledge of business English and solid French and/or Dutch
- Good communication and analytical skills
- Master degree is a plus but we are open to diverse backgrounds
As a member of the EY family, you will:
- Join a young team genuinely passionate about their work
- Be part of a leading global professional services firm
- Participate to extensive trainings, both on technical matters, as well on soft skills and project management
- Get individual coaching and mentoring, to support your growth as a professional and as a person
- Get experience and access during your projects to multiple market certification and standards, such as:
- CISM, CRISC, CISSP, CIPP, PCIP, ISO, Prince II, ITIL etc.
- PCI-DSS, ISO27001/2 and the NIST SP800-53 security standard
- Risk methodologies (like CRAMM, ISO31000, ISO27005)
- eGRC tools
We are proud of our flexible working arrangements, and we will support you to build a successful career and deliver excellent client service, without sacrificing your personal priorities. While our client-facing profession might require regular travel, and at times working at client sites, we are committed to help you achieve a balanced lifestyle.
Our commitment to Diversity & Inclusion
At EY we are passionate about diversity and inclusion, and we support of individuals of all groups; we do not discriminate on the basis of race, religion, gender, sexual orientation, or disability status.