If interested and your profile match with below requirements – please share CVs to

MadhaGa80@gmail.com

Technology Consulting- Cloud Security Architect - Manager

EY’s Cyber Security practice is one of the fastest growing areas of the business with an
immediate requirement for security architect. As part of our Cyber team you will be providing
consulting and technical support to help our clients improve their cyber security posture to
respond to the dynamic Cyber Security threats. You will provide security domain expertise and
utilise your business insight to work closely with our clients to advise, design, build, deploy and
test pragmatic security solutions that will give real and tangible benefits and security
enhancement.

The opportunity

You will be a core member of a highly skilled and rapidly growing team of Technical Security
specialists. As a member of the team, you will have the opportunity to grow your career in
leading the delivery of security architecture and design solutions with a significant opportunity
for leadership experience and career progression.

Your key responsibilities

Your role will be as a security architect to assist in security architecture design reviews through
the lifecycle complex projects across a wide selection of technologies and platforms for our
client’s digital solutions. You will secure enterprise information by determining security
requirements; planning, implementing, and testing security systems; preparing security
standards, policies, and procedures; mentoring team members. You will belong to an
internationally connected team of specialists helping clients with their most complex
cybersecurity needs and contributing toward their security posture and business resilience.

The successful candidate will have a highly technical information security background and will
be well versed in cloud security technologies, standards and best practices. Preference will be
given to any candidate who has experience in securing cloud environments with strong network
and hybrid cloud/on-prem experience. This person will also possess strong organisation and
communication skills, with consulting and client facing experience with the ability to work
independently or in a highly collaborative environment.

Knowledge and Skills for the role include

• Ability to take on responsibility for project security review reports and to follow these
through to completion including liaising with security and project stakeholders and offer
 robust security posture advice and ensuring formal security approval of ‘go live’
scenarios.

• Ability to independently lead and support remote teams in performing complex

architecture reviews in a variety of environments, liaising with several teams across
different client sites.

• Expert-level technical security knowledge is a must.

• Understanding and experience designing and implementing enterprise security and

solution security architectures for large organisations leveraging frameworks such as
SABSA and TOGAF.

• Implementation of cybersecurity controls using industry-leading practices such as NIST

CSF, NIST 800-53, OWASP, Centre for Internet Security (CIS), ISO 27001, COBIT etc.

• Experience in maintaining compliance with regulations and standards such as NISD,

GDPR, PCI-DSS etc. in executing security architecture design reviews and advice, in
addition to audit requirements and exacting reporting formats.

• Experience in security vulnerability identification, application security remediation and

threat modelling approaches such as cyber kill chain, STRIDE, exposure analysis etc.

• An in-depth awareness and understanding of the cyber and business risks associated
with the threat and vulnerability and penetration testing domain.

• Requirement to stay up-to-date on current security threats, trends and control solutions.

• Experience in preparing system security reports by collecting, analysing, and

summarizing data and trends for project and operational and project governance
reporting.

• A consultative manner and customer facing skills with the ability to communicate with
stakeholders at all levels and advise on best practices in the security domain.

• Excellent communication and stakeholder management skills and ability to negotiate

and manage expectations with business as well as technology stakeholders.

• Involves travel 60% of the time

Experience and attributes for success:

Experience:

• 5-7 years' experience working in cyber security technical roles advising on security
controls design, implementation and testing on across various sectors.

• Experience with audits of compliance frameworks such as PCI, ISO, or HIPAA.

• Experience in ‘Big 4’ or similar consultancy experience; MENA market experience is good

to have.
 • Track record in supporting the delivery of a broad range of cyber security controls and
projects in an Enterprise environment.

• Government, Transport, Financial, Oil & GAS sector experience desirable.

• Strong analytical skills to solve technical issues and flexibility in handling multiple
issues at once.

• Consulting experience and stakeholder management skills

You will also have focussed on some of these areas in the past:

• Application, Mobile, IoT, Cloud, Infrastructure and Network Security controls.

• Programming/scripting experience (Powershell, ASP, .NET, Python, Perl).

• Log analysis and configuration reviews across infrastructure components including-

Servers, Firewalls, WAF’s, SIEM, VMware, etc.

• Security Engineering or Architecture (SABSA an advantage).

• Knowledge of CI/CD would be an advantage.

• Specifying and performing vulnerability analysis and review pen test and scan results.

Attributes:

• Excellent communication and project management skills (verbal and written).

• Excellent organisational and problem-solving skills in addition to strong attention to

detail.

• Excellent working knowledge of Microsoft PowerPoint, Word, Excel and online research
tools.

• Strong collaboration skills, ideally working with global and multi-functional teams.

• Ability to prioritise and work to tight deadlines and manage own caseload.

• The ability to learn quickly and to work well under pressure.

• The ability to listen attentively and express complex issues concisely to clients.

• An enquiring mind, the tenacity to overcome technical challenges, and an ability to

approach problems from different perspective.

• Show leadership and motivate teams, including project management of consultancy

projects.
 • Participate in implementation or deployment of new tools, processes and best-practices
in order to improve knowledge sharing and to raise security level while promoting
security awareness among team members.

Qualifications:

• Undergraduate or masters’ degree preferably in one of the following areas: Information

Security, Cyber Security, Cloud Computing, Information Systems, Computer Science,
Engineering, and/or other equivalent industry certification.

• Industry-related certification preferred (e.g. CISSP, CISM, SANS, SABSA, TOGAF).

• Cloud Security (Azure AZ900, AZ500 and AWS Security an advantage).