Technology Consulting - Cyber Security
About this position
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. Join us and build an exceptional experience for yourself, and a better working world for all.
Responsibilities
Your Key Responsibilities:
• Perform cyber security and IT security assessments for clients (e.g. cyber security program assessment, cyber security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.)
• Work on IT security design, analysis and implementation of security protection solution.
• Evaluate and analyze threat, vulnerability, system weakness, impact and risk to security issues discovered from security assessments like Vulnerability Assessment (VA), Penetration Testing (PenTest), etc.
• Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes, controls and systems.
• Advise client on the security incident response end-to-end process (i.e. preparation, detection, analysis, response and recovery of the security incident).
Requirements
To qualify for the role you must have:
• Bachelor's degree or Master’s degree in Computer Engineering, Computer Science, Information Systems, IT Security, ICT or other related fields.
• Minimum 2 years' experience in such areas as IT security management design and implementation, IT security assessment and IT technical background.
• Familiar with leading IT security processes and tools.
• Highly proficient in both English and Thai with good written and oral communication and analytical skills.
Ideally, you’ll also have:
• Having experience in project planning and management will be a plus.
• Professional certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and / or Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or ISO27001 will be highly considered.
• Experience in new generation security practices (i.e. DevSecOps, iPentest, RedTeaming, System Resilience Design).
• Experience in Emerging Technologies (i.e. Cloud Computing, Blockchain).