EY's people in more than 150 countries are committed to operating with integrity, quality and professionalism in the provision of audit, tax, transaction and advisory services. We strive to help all of our people achieve their professional and personal goals through an inclusive environment that values everyone's contributions, appreciates diversity of thought, fosters growth, and provides continuous opportunities for development. Recognized as one of Canada's top employers, EY continually strives to be a great place to work.
We are actively seeking a Senior Consultant to join our Cybersecurity team. As a member, you'll contribute technically to cybersecurity and IT risk client engagements and internal projects. An important part of your role will be to actively establish internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements, and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and raise any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer.
This position falls within our Advisory team, which helps our clients enhance the effectiveness of operations functions by assisting them as they shift their emphasis from transaction-level control, processing and reporting to more value driven, decision support and analytics.
Participate in cybersecurity and IT Risk engagements
Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
Participate and assist in preparing for meetings with target management teams
Help prepare reports and schedules that will be delivered to clients and other parties
Develop and maintain productive working relationships with client personnel
Build strong internal relationships within EY Advisory Services and with other services across the organization
Contribute to people-related initiatives, including recruiting and retaining staff
Maintain an educational program to continually develop personal skills of staff
Understand and follow workplace policies and procedures
Desired qualifications include:
Hands-on experience with key components of Cybersecurity including Penetration Testing, Red teaming, Vulnerability management, Network & Infrastructure security, managed detection and response.
Risk and compliance, security architecture, data protection, privacy, security awareness would be an asset
Undergraduate or masters’ degree preferably in one of the following areas: Information Security, Business Management, Information Systems, Computer Science, Engineering, and other related majors
Expert knowledge and practical experience with common frameworks, standards and methodologies used such as MITRE, OWASP, NIST Cybersecurity, IS 27001/2.
Practical experience with conducting penetration tests and executing red team engagements.
Proven book of business and ability to lead and grow a team.
Possession/working towards the following certifications: CISSP, CISA CISM, OSCP, GPEN, GWAPT
Familiarity with or knowledge of cybersecurity in Industrial Control Systems and Operational Technology an asset.
Demonstrated leadership abilities, willingness and drive to build a national penetration testing/red teaming service line
Excellent interpersonal, written, verbal, communication, and presentation skills
Willingness and ability to travel approximately 50-70%.
EY is committed to inclusiveness, equity and accessibility. We encourage all qualified candidates to apply