Security Consultant

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.

Join EY and help to build a better working world.

Security Consultant

EY Technology Overview

Technology is central to EY’s operations and service delivery. With 250,000 professionals across 140+ countries, secure and efficient technology enables our people to work seamlessly—whether on laptops, mobile devices, or through internal and client-facing solutions. Technology drives innovation and underpins the services we provide.

EY Technology is organized into three business units:

• Client Technology (CT): Develops innovative technology services for clients, accelerating opportunity identification and delivery.
• Enterprise Workplace Technology (EWT): Supports core business services with cost-effective, user-centric technology infrastructure.
• Information Security (Info Sec): Protects EY and client data by preventing, detecting, and mitigating cyber risks.
  
  

The Opportunity

As a Security Consultant within EY’s Client Service Security Consulting and Assurance team, you will be a trusted advisor to EY’s Strategy & Transactions and Sustainability service line. You will support global platforms, AI and analytics solutions, and line-of-business services. Your role includes reviewing security architectures, providing security guidance, prioritizing security requirements, promoting secure-by-design principles, and facilitating security throughout the system development life cycle (SDLC). You will also provide guidance in risk treatment and translate technical vulnerabilities into business risk language for stakeholders.

Key Responsibilities

• Define pragmatic security architectures balancing business benefits and risks.
• Collaborate with IT project teams throughout the SDLC to identify and implement security controls.
• Conduct risk assessments of information systems and infrastructure.
• Maintain and enhance the Information Security risk assessment methodology.
• Develop security configuration standards for platforms and technologies.
• Recommend risk treatment and mitigation strategies for identified security risks.
• Translate technical vulnerabilities into business risk terms and advise stakeholders on corrective actions.
• Share knowledge and provide technical support to team members.
• Serve as a Subject Matter Expert (SME) in assigned technologies with deep technical expertise.
  
  

Skills And Attributes For Success

• Strategic mindset to develop long-term risk management and security frameworks.
• Ability to balance security needs with business impact and benefits.
• Skilled in facilitating compromise to advance security objectives incrementally.
• Strong understanding of EY’s business objectives and ability to build cross-functional relationships.
• Collaborative team player who promotes security policy compliance.
• Experienced in leading meetings with diverse stakeholders, building consensus, and mediating compromises.
• Comfortable working in ambiguous and dynamic environments.
• Minimum five years’ experience in architecture, design, and engineering of web-based multi-tier systems or network infrastructures.
• Experience with security architecture and assessment of messaging, ERP, CRM, or data analytics solutions.
• Proficient in conducting risk, vulnerability, vendor, and third-party assessments with remediation recommendations.
• Familiarity with security standards such as ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT.
• Experience with cloud technologies and solutions, preferably Microsoft Azure.
  
  

Qualifications

• Advanced degree in Computer Science or related field, or equivalent experience.
• At least five years managing significant Information Security risk functions.
• Eight or more years in Information Security or IT roles.
• Proven ability to communicate security findings and recommendations effectively to IT teams and management.
• Exceptional judgment, tact, and decision-making skills.
• Adaptable to shifting priorities, ambiguity, and rapid change.
• Strong management, interpersonal, communication, organizational, and decision-making skills.
• Minimum two years’ experience with cloud architecture, design, and assessment.
• Proficient in English.
  
  

Preferred Certifications

• GIAC certifications, CSSP, CISSP, CISM, or CISA are highly desirable or candidates actively pursuing these certifications.
  
  

What EY Offers

We provide a competitive remuneration package rewarding individual and team performance. Our Total Rewards include flexible working support, career development opportunities, and benefits tailored to your needs through FlexEY, covering holidays, health, insurance, savings, and discounts.

Additional benefits:

• Support, coaching, and feedback from engaging colleagues.
• Opportunities to develop new skills and advance your career.
• Flexibility to manage your role in a way that suits you.
  
  

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

---