S&T Senior Security Consultant SDLC

Senior Security Consultant - SDLC

Location: Wrocław - 2 days in office / 3 days remote

Let us introduce you the job offer by EY GDS Poland a member of the global integrated service delivery center network by EY.

Technology is central to EYs operations and service delivery. With 250000 professionals across 140 countries secure and efficient technology enables our people to work seamlesslywhether on laptops mobile devices or through internal and client-facing solutions. Technology drives innovation and underpins the services we provide.

EY Technology is organized into three business units:

• Client Technology (CT):Develops innovative technology services for clients accelerating opportunity identification and delivery.
• Enterprise Workplace Technology (EWT):Supports core business services with cost-effective user-centric technology infrastructure.
• Information Security (Info Sec):Protects EY and client data by preventing detecting and mitigating cyber risks.

The opportunity

As a Security Consultant within EYs Client Service Security Consulting and Assurance team you will be a trusted advisor to EYs Strategy & Transactions and Sustainability service line. You will support global platforms AI and analytics solutions and line-of-business services. Your role includes reviewing security architectures providing security guidance prioritizing security requirements promoting secure-by-design principles and facilitating security throughout the system development life cycle (SDLC). You will also provide guidance in risk treatment and translate technical vulnerabilities into business risk language for stakeholders.

Your key responsibilities

• Define pragmatic security architectures balancing business benefits and risks.
• Collaborate with IT project teams throughout the SDLC to identify and implement security controls.
• Conduct risk assessments of information systems and infrastructure.
• Maintain and enhance the Information Security risk assessment methodology.
• Develop security configuration standards for platforms and technologies.
• Recommend risk treatment and mitigation strategies for identified security risks.
• Translate technical vulnerabilities into business risk terms and advise stakeholders on corrective actions.
• Share knowledge and provide technical support to team members.
• Serve as a Subject Matter Expert (SME) in assigned technologies with deep technical expertise.

Skills and attributes for success

• Strategic mindset to develop long-term risk management and security frameworks.
• Ability to balance security needs with business impact and benefits.
• Skilled in facilitating compromise to advance security objectives incrementally.
• Strong understanding of EYs business objectives and ability to build cross-functional relationships.
• Collaborative team player who promotes security policy compliance.
• Experienced in leading meetings with diverse stakeholders building consensus and mediating compromises.
• Comfortable working in ambiguous and dynamic environments.
• Minimum five years experience in architecture design and engineering of web-based multi-tier systems or network infrastructures.
• Experience with security architecture and assessment of messaging ERP CRM or data analytics solutions.
• Proficient in conducting risk vulnerability vendor and third-party assessments with remediation recommendations.
• Familiarity with security standards such as ISO 27001/27002 NIST PCI DSS ITIL COBIT.
• Experience with cloud technologies and solutions preferably Microsoft Azure.

To qualify for the role you must have

• Advanced degree in Computer Science or related field or equivalent experience.
• At least five years managing significant Information Security risk functions.
• Eight or more years in Information Security or IT roles.
• Proven ability to communicate security findings and recommendations effectively to IT teams and management.
• Exceptional judgment tact and decision-making skills.
• Adaptable to shifting priorities ambiguity and rapid change.
• Strong management interpersonal communication organizational and decision-making skills.
• Minimum two years experience with cloud architecture design and assessment.
• Proficient in English.

Ideally youll also have

• GIAC certifications CSSP CISSP CISM or CISA are highly desirable or candidates actively pursuing these certifications.

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across nine locations Argentina Hungary India the Philippines Poland Sri Lanka Mexico Spain and the United Kingdom and with teams from all EY service lines geographies and sectors playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants we offer a wide variety of fulfilling career opportunities that span all business GDS you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. Well introduce you to an ever-expanding ecosystem of people learning skills and insights that will stay with you throughout your career.

• Continuous learning: Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership: Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:Youll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

The exceptional EY experience. Its yours to build.

In compliance with the requirements of the Whistleblower Protection Act our company has established theProcedure for reporting breaches of law and undertaking appropriate follow-up actions. Any misconduct should be reported through the EY Ethics Hotline.