Cybersecurity Consultant- Governance, Risk, and Compliance team
Tel Aviv, IL, 6706703
EY
EY provides consulting, assurance, tax and transaction services that help solve our client’s toughest challenges and build a better working world for all.About the Role:
EY Israel’s Advanced Security Center (ASC) provides a broad range of cybersecurity services to cross-industry clients.
As a Cybersecurity Consultant within our Governance, Risk, and Compliance (GRC) team, you will play a key role in shaping and enhancing our clients' cybersecurity posture.
Key Responsibilities:
Responsibilities will include to –
- Serve as a trusted advisor, collaborating closely with clients to understand their unique challenges and providing expert guidance on cybersecurity and risk management.
- Manage end-to-end delivery of client engagements, from scoping through execution.
- Assist clients in developing / enhancing their cybersecurity strategies and multi-year implementation roadmaps, in alignment with their risk landscape.
- Provide support in the design and implementation of cybersecurity governance frameworks and policies.
- Conduct comprehensive risk assessments to identify and prioritize cyber risks and develop risk management strategies to mitigate risks effectively.
- Assist clients in defining risk appetite and tolerance levels aligned to business objectives.
- Conduct gap assessments to evaluate clients' compliance with relevant standards and frameworks and develop compliance strategies and roadmaps tailored to clients' needs.
- Support clients in increasing their incident readiness with custom-tailored incident response plans / playbooks and the delivery of tabletop exercises and cyber simulations.
- Support secure architecture and configuration review for network and security infrastructure and provide recommendations to meet evolving threats.
- Collaborate on internal innovation initiatives, contribute to the development of new service offerings and the enhancement of existing service methodologies.
Your Experience:
- You have at least 5 years’ experience working in cybersecurity, with a focus on governance, risk, and compliance. Consideration will be given for equivalent combined experience in an IT, Risk Management or technology management capacity.
- You have working knowledge of general IT and business processes and familiarity with organizational technology landscapes.
- Hands-on technology administration is not required, but sufficient familiarity to participate in technical discussions is critical.
- You have a deep understanding of cyber risk assessment and risk management, and familiarity with cybersecurity- and privacy-related regulatory compliance requirements, industry standards and frameworks (NIST, PCI, ISO, etc.), and key technical concepts (e.g., networking, protocols, cloud technologies).
- Preferred: You have demonstrated working knowledge of at least one of the following – SSDLC, secure architecture design, threat modelling, data privacy, AI security, cloud security.
Additional Skills:
- You have strong analytical and critical reasoning skills, and the ability to analyze complex cybersecurity issues, identify root causes, and identify appropriate solutions.
- You are self-motivated and an independent learner.
- You have a strong ability to work collaboratively within a team and build relationships.
- You are organized and proactive, with strong project management skills and a proven ability to manage concurrent projects and deliver results within budget and on time.
- You have strong verbal and written communication skills (English and Hebrew) as well as report writing and presentation skills.
- You are comfortable taking a client-facing role and can effectively convey technical concepts to non-technical stakeholders.
- A bachelor’s degree in a relevant field and relevant industry certifications (e.g., CISSP, CISM, CRISC) are preferred qualifications; equivalent experience and industry-specific learning will be considered.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP Cloud Compliance CRISC Governance Incident response NIST Privacy Risk assessment Risk management
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs