Cyber Security Manager / Senior Manager

EY Federal Territory of Kuala Lumpur, Malaysia Cyber Security Manager / Senior Manager

EY Federal Territory of Kuala Lumpur, Malaysia Overview

As a Manager / Senior Manager in the EY cyber security practice, you will lead and manage teams to deliver security engagements with clients. You will contribute technical insights to client engagements and actively establish, maintain and strengthen internal and external relationships. You will identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Key responsibilities

Leading a portfolio of engagements and projects with our clients; reporting to a Director or Partner Managing and creating reports and ensuring the highest quality deliverables prior to Director’s and Partner’s review Contributing to developing the market for Cyber Security services across all sectors and identifying sales opportunities and escalating these to senior management Establishing client relationships with senior stakeholders across our clients including internal stakeholders Working with prospective clients to identify opportunities, scope engagements, and create high quality proposals Advocating and championing Cyber Security service both internally to our wider network of colleagues and to our clients and the wider market Contributing to the creation of proposals and marketing material Managing engagements to time and budget Mentoring and coaching junior members of the cyber risk team and leading by example Contributing to latest thought leadership, industry research and creation of marketing collateral relating to cyber security Engagement scope

Perform security risk and controls assessments and / or penetration testing to evaluate threat, vulnerability, impact, risk and security issues for the business Assist clients in evaluating, enhancing or developing and managing their cybersecurity management programs including technology controls, process controls, and governance, risk and compliance elements Support Business Continuity and Disaster Recovery Management programs Support Data Protection and Privacy management programs Support Threat and Vulnerability Management programs Support Security Incident Detection and Response management programs Support Identity and access management programs Expected capabilities

Consistently deliver quality client services and manage client service delivery expectations Stay abreast of current business and industry trends relevant to the client’s business Demonstrate technical, risk capabilities and professional knowledge Remain current on developments in advisory services capabilities and industry knowledge Skills and attributes for success

Security strategy : assess, design and implement security strategy and governance frameworks for processes, controls, organisation and infrastructure Security transformation programmes : design and management of security solution implementations and remediation programmes Identity and access management (IDAM) : assess current IDAM practices and design improvements Breach and incident management : design and implementation of breach and major incident management practices Security policies and procedures : design and implementation of security policies, procedures, standards and controls in line with regulations and standards (ISO27001, NIST, SANS, etc.) Data privacy and data protection : implement data protection / privacy programmes Resilience : design and implement IT Disaster Recovery, Business Continuity programs Security over operational technology and control systems (SCADA) Security architecture : create secure architecture designs and patterns; conduct architectural reviews using TOGAF or equivalent Security around emerging technology platforms : mobile, cloud services, Big Data, social media Qualifications

A bachelor’s degree in computer science, computer / electrical engineering, information technology or a related field Relevant professional certifications such as CISSP, CCSP, CISM, OSCP, etc Minimum 5 years for Managers or 8 years for Senior Managers of recent relevant work experience in information security or information technology Experience in client service delivery and the ability to manage multiple engagement teams and projects Project and program management certifications such as PRINCE2, Scrum, Agile, etc.

#J-18808-Ljbffr