Cyber Security team - Multiple Opportunities - Katowice

Cyber Security Team - Multiple Opportunities

Location: Katowice - remote

Let us introduce you the job offer by EY GDS Poland a member of the global integrated service delivery center network by EY.

The opportunity

We are looking for atop-notch technology savvy specialistswilling to move our projects on the new track! You will use the most advanced technology stack and have an opportunity to develop and implement new solutions whileworking withtop leaders in their industries. As a part of our globalteamyou will participate in international projects.

Right now we are looking for multiple roles to joinCyber SecurityteamwithinEY GDS Consulting:

Pentester
ThePentesteris responsibleto deliver Attack & Penetration Testing projects and various other security projects including application code review social engineering Red Team Assessments Purple Team Assessments Threat Modeling and Security Architecture reviews.

• Minimum 2 years of experience in conducting penetration tests
• Knowledge of security issues at the technical level
• Knowledge of solutions and recommendations to prevent or mitigate security vulnerabilities
• Knowledge of the application security verification standards
• Understanding of how informations technology systems work:
• Networking architecture
• Networking protocols
• Operating systems.
• Understanding of how web applications work starting from backend ending with frontend
  

DevSecOpsand Cloud Engineer
TheDevSecOpsSpecialist is responsible for designing and implementing of Continuous Integration and Deployment/Delivery engineerwith understanding of Cloud delivery security and deployment models for IaaS PaaS SaaS offerings provided by at least one ofpopular Cloud vendors AWS Azure GCP.

• DevOpswith experience in deployment security in SDLC and CI/CD. Provisioning automation KubernetesOpenshift CI/CD
• Developing infrastructure as code (PowerShell/Ansible/Terraform) Familiarity with technologies is an advantage: Maven Jenkins SonarQube Harbour Nexus Git Istio PrometheusFluentd KafkaHashicorp
• Basics in test automation AND/ORVulnerability ScanningDAST/SAST is a plus.
• Cloud engineerwithunderstanding of Cloud delivery security and deployment models for IaaS PaaS SaaS offerings provided by at least one of: Amazon Web Services (AWS) Microsoft Azure and Google Cloud platforms
• Cloud platforms. Working knowledge of key cloud security CIS NCSC ISO CSA STAR
• Technical architecture skills incl. tiered security architecture design
• Ability to implement security into cloud services and evaluate cloud configuration to optimize it
  

Information Security Consultant
AsanInformation Security Consultant within Strategy Risk Compliance & Resilience (SRCR) competency you will help EY Clients to evaluate the effectiveness and efficiencies of their cybersecurity and resiliency programs in the context of the business growth and operations strategies.

• Associate with analytical andproblem-solvingskills ability to work effectively as a team member observant with an eye for detail.
• Strong Project Management and Audit skills
• Certificates in: CISA CISSP CISM ISO27001 Lead Auditor or Lead Implementer will be a value
• Awareness of any of the Information Security-related norms and standards such as: ISO27001 NIST TISAX or any other ISMS governance systems IT Controls such as: IT General Controls (ITGC) IT Application Controls (ITAC) IT SOX Compliance SSAE16 business cycle controls (BCCs) review general computer controls (GCCs) Segregation of duties analysisetc.
• Performing audits or reviews of ISMS systems and/or IT general controls. support clients with implementation of their ISMS write documents set controls frameworks etc.
• IT Controls such as: IT General Controls (ITGC) IT Application Controls (ITAC) IT SOX Compliance SSAE16 business cycle controls (BCCs) review general computer controls (GCCs) Segregation of duties analysisetc.
  

Data Protection Consultant
TheData Protection Consultantis responsible for data identification and protection in organization and apply policies todelivergiven.

• Experience in supporting Data Security Technology:
• Information Security concepts related to Governance Risk & Compliance
• DLP/Data Classification/CASB/DAM Encryption PKI CLM Technology support and Event Handling
• Experienceinadministration of the DLP O365 (DLP AIP RMS MCAS) PKI (MS PKI HSM CLM) CASB DAM tools which includes configuring policies upgrading and patching.
• Technical/Vendor CASB (Netskope Prisma Symantec) DLP ( Forcepoint McAfee Symantec) Data Classification (Titus Boldon James) DAM (IBM Guardium Imperva) certification will be added advantage.
  

IAM ConsultantandIAM Architect
AsanIAM Consultantyou will be responsible for designing and implementing optimizing processes related to IAM in our clients landscape and business implementation of identity management lead a technical team of engineers providing the technical design and engineering ofIAM platforms. This role will be a key role in defining the plan for business transformation working in conjunction with Identity Access Management teams vendors and other infrastructure/ application technical teams of EYs Client.

• Strong understanding ofidentity governance and lifecycle.
• Use case design Solution Requirements Specification and mapping business requirements to technical requirements
• Hands-on development experience on Provisioning Workflows triggers rules and customizing the tool as per the requirements.
• Strong understanding of Identity Access Management concepts.
• Experience in design and configuration of SailPoint or Saviynt - architecture design development configuration testing integration and deployment.
• Experience in any other IDM suite (OIM IBM Sun CA Microfocus / NetIQ) is an added advantage.
• Experience in creation of SailPoint or Saviynt solutions in presales phase for selling opportunities(RFP RFI) for our clients. Hands-on experience on SailPoint or Saviynt Migration projects.
  

Threat Detection & Response Consultant/Architect
The TDR Senior Consultant is responsible for creation of solutions/architectures and/or participation in the projects as a Subject Matter of the following topics:

• SIEM
• Security Operations Center (SOC)
• Cyber Threat Intelligence
• Vulnerability Assessment / Management
• Creation of architectures
• RFP (Request for Proposal) solutioning

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across ten locations Argentina China Hungary India the Philippines Poland Sri Lanka Mexico Spain and the United Kingdom and with teams from all EY service lines geographies and sectors playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. Well introduce you to an ever-expanding ecosystem of people learning skills and insights that will stay with you throughout your career.

• Continuous learning:Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you:Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership:Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:Youll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

The exceptional EY experience. Its yours to build.

In compliance with the requirements of the Whistleblower Protection Act our company has established the Procedure for reporting breaches of law and undertaking appropriate follow-up actions. Any misconduct should be reported through the EY Ethics Hotline.