Funciones The world is changing faster and faster than ever. Our Global Promise: "Building a Better Working World" leads our more than 260,000 employees around the globe and provides the foundation for the work we do every day. With our innovative services in auditing, tax consulting, Transaction and management consulting, we lead our clients into the future. Our Financial Services organization is the only major Big4 Company with functional and transnational specialization in the financial services sector. In our advisory services you are active in management and management consulting. We provide seamless, consistent and high-quality services to our customers around the world. About the job Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As a cybersecurity specialist, you will guide our clients to strengthen their cyber defenses. At EY, you will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. In simple terms, you know how to use your deep technical experience and apply that to a business where we need to battle risk and agility. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Requisitos About you You have very good interpersonal skills so that you can manage to interact directly with clients and understand their needs. Furthermore, you will have good presentation skills as this will be a key part of your daily activities. Finally, you will need good analytical skills to get the most out of each project and client. Joining us you will be able to find a very friendly yet challenging work environment. You will also have the possibility to learn from some experts in the field to move forward on your career at the pace you want to set. Based on this training and development of your skills, you will be able to continuously keep progressing in your career assuming more responsibilities. You will own the path of your own career. To qualify for the role, you must have • A Bachelor (or equivalent certification) in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. • Worked in the industry for at least 5 years and performed risk assessment, cyber control reviews, compliance audits, and obtained an understanding of penetration testing, Security Operations, SIEM or other security areas. • A fluency in Spanish and English, or any other language would be an advantage. As part of the EY cyber security consulting team, you must be able to • Demonstrate leadership and adaptability, with willingness to readily and voluntarily take ownership of highly challenging tasks and problems, even beyond initial scope of responsibility. • Conduct various Red Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Social Engineering and Physical Security Testing would be an advantage as well. • Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. • Perform security risk assessment, threat analysis and threat modelling, independent reviews of clients' security, network, and applications, to be able to Plan/Design/Execute security related activities and create artefacts. • Develop clear detailed reports and recommendations based on concrete evidence, to debrief users and provide remediation strategy on findings. • Stay on-time, on-budget, and within scope of testing activities. • Understand and assimilate different points of view and needs of the clients. • Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Ideally, you'll also have • Experience in assessing an implementing security and risk standards using ISO 27k, PCI DSS, NIST, ITIL, COBIT, CCM • Systems security skills in assessment, design, architecture, management and reporting • Experience in application control and security implementation, program and project delivery design, architecture and solution design, including security controls and architecture design, • Security-related certifications (CISSP, CISA, CEH, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.).