Cyber Security Manager / Senior Manager

About the RoleAs a Manager/ Senior Manager in the EY cyber security practice, you will lead and manage teams to deliver security engagement with our clients. You will contribute technical insights to client engagements. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate.Key responsibilities include:Leading a portfolio of engagements and projects with our clients; reporting to a Director or PartnerManaging and creating reports and via review ensuring the highest quality deliverables prior to Director’s and Partner’s reviewContributing to developing the market for Cyber Security services across all sectors and identify sales opportunities and escalating these to senior managementEstablishing client relationships with senior stakeholders across our clients including internal stakeholdersWorking with prospective clients to identify opportunities, scope engagements, and create high quality proposalsAdvocating and championing Cyber Security service both internally to our wider network of colleagues and to our clients and the wider marketContributing to the creation of proposals and marketing materialManaging engagements to time and budgetContributing to the development of the existing cyber risk team acting as mentor and coach to the junior members of the team and leading by exampleContributing to the latest thought-leadership, industry research and creation of marketing collateral relating to cyber security As a cyber security Manager/Senior Manager, you will be involved in one or more of the below:Perform security risk and controls assessments and/or penetration testing to evaluate and analyze threat, vulnerability, impact, risk and security issues to Business.Assist client in evaluating, enhancing or developing, and managing their:Cybersecurity Management programs including technology controls, process controls, and governance, risk and compliance elementsBusiness Continuity and Disaster Recovery Management programsData Protection and Privacy management programsThreat and Vulnerability Management programsSecurity Incident Detection and Response management programsIdentity and access management programsYou are expected to:Consistently deliver quality client services and manage expectations of client service delivery.Stay abreast of current business and industry trends relevant to the client's business.Demonstrate technical, risk capabilities and professional knowledge.Remain current on new developments in advisory services capabilities and industry knowledge. Skills and attributes for successSecurity strategy - assess, design and implement security strategy, governance frameworks over processes, controls, organisation and infrastructure to management of cyber securitySecurity transformation programmes – design and management of security solution implementations and / or remediation programmes to address risksIdentity and access management (IDAM) - assessing current IDAM practices and designing solutions to improve IDAM processes, privileged access and recertification programmes.Breach and incident management - design and implementation of breach and major incident management practicesSecurity policies and procedures - design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.Data privacy and data protection - implementation of data protection and/or privacy programmes to address confidentiality and security of personal dataResilience - design and implementation of programmes to improve IT Disaster Recovery, Business ContinuitySecurity over operational technology and control systems (SCADA)Security architecture – creating secure architecture designs for solutions, designing secure patterns for reuse and the delivery of architectural reviews using TOGAF or SABASecurity around emerging technology platforms – mobile device platforms (iOS, Android), cloud services (IaaS, PaaS, SaaS), Big Data, Social media QualificationsA bachelor’s degree in computer science, computer/ electrical engineering, information technology or a related fieldRelated professional certifications such as CISSP, CCSP, CISM, OSCP, etcMinimum 5 years for Managers or 8 years for Senior Managers of recent relevant work experience in information security or information technology disciplineExperience in client service delivery and be able to manage multiple engagement teams and projectsProject and program management related certification such as Prince, Scrum, Agile, etc.