We currently are seeking a highly motivated Manager to manage client engagement teams, work with a wide variety of clients to deliver professional services, and manage business development activities on strategic and global priority accounts. Our IT Risk Transformation practice focuses on the following enterprise IT and business enablement functions; Information Security and Privacy, Governance, Risk and Compliance (GRC) technology assessment, We deliver valuable insights and enable better business decisions through improved quality of information. Our team members deliver world-class information technology advice as part of our broader risk and business improvement services. We provide services such as financial audit IT integration, third party reporting, IT Risk Advisory, information management and analysis, and information security. Ernst & Young Advisory Services is a fast-moving, high-growth area with huge potential. It offers variety, challenge, responsibility and the opportunity to realize your leadership potential. Being a member of our Advisory team means you will specialize in a particular competency - Risk, Performance Improvement, or IT Risk & Assurance. The opportunity is now! If you are interested in being part of a dynamic team, serving clients and reaching your full potential - Ernst & Young Advisory Services is for you! Ernst & Young's Center of Excellence includes our IT Risk Transformation's Information Security sub-service line which provides knowledge in leading practices and methods in the space of information security across multiple industries and sectors. This team helps our clients assess, design, implement and maintain a secure and high performance business environment. Services include:
* Security strategy - Assess, design and implement a security strategy and governance program framework that describes the process, controls, organization and infrastructure to manage information security related concerns.
* Security implementation - Design, implement and integrate security solutions to address enterprise risks and exposures.
* Security governance - Design and implement security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein.
* Security monitoring - Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure. We currently have a career opportunity for a Manager in Data Protection Solutions with demonstrated experience in managing teams and developing data protection strategies and implementing solutions to provide data security, privacy and integrity.
Effectively manage and motivate client engagement teams with diverse skills and backgrounds. Provide constructive on-the-job feedback/coaching to team members. Foster an innovative and inclusive team-oriented work environment. Play an active role in counseling and mentoring junior consultants within the organization. Foster relationships with client personnel at appropriate levels. Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Manage expectations of client service delivery. Stay abreast of current business and industry trends relevant to the client's business. Cultivate and manage business development opportunities. Understand Ernst & Young and its service lines and actively assess/present ways to serve clients. Develop and maintain long-term client relationships and networks. Develop relationships with team members across all Ernst & Young practices to serve client needs. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Possess in depth business acumen. Remain current on new developments in advisory services capabilities and industry knowledge.
To qualify, candidates must have:
* a bachelor's degree and approximately 5 years of related work experience; or a graduate degree and approximately 4 years of related work experience
* a degree in Computer Science, Information Systems, Engineering, or related major
* knowledge of general security concepts and methods such as vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance
* strong understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection, such as GLBA, Basel II, EU Data Protection Directive, International Cross Border, and U.S. State Data Privacy Laws.
* developing, implementing or architecting information systems experience
* technical architecture experience integrating data protection software into clients' infrastructure
* working knowledge of operating systems such as Microsoft Windows and Unix and OS/400
* working knowledge of mainframe security packages such as TopSecret, ACF2 and RACF
* working knowledge of relational database management systems such as Oracle, Sybase, and MS SQL Server
* network architecture design, implementation and administration
Demonstrated experience in three or more of the following areas:
* Data leakage/content monitoring and filtering
* Secure messaging/email encryption
* Mobile device security
* Disk, file, device, and database encryption
* Key management/Public Key Infrastructure (PKI)
* Data classification and privacy policies
* Digital Rights Management (DRM)
* Logging, monitoring, and security event management