CRL2.0 Senior

EY | Posted 14-01-2022

Thiruvananthapuram (Cyber Security)


At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.


EY – Cybersecurity – Cyber Strategy- Data Privacy & Protection – Senior Level

As part of our Cybersecurity team, you will be part of the focused team to activities related to Data Privacy & Protection for various clients across the MENA region. DPP and Cyber Security are few of the most important risks facing businesses today. We are looking for trusted consultants to enhance the capability. Also, as organizations move forward on their digital journey the cybersecurity risk exposure is increasing and there is a huge demand for trusted cybersecurity consultants. Our clients are overwhelmingly turning to EY for help and guidance on how to enhance the privacy and protect their assets, minimise business disruption and improve security.


The opportunity

We’re looking for looking for a Cybersecurity & Data Protection & Privacy (DPP) -Senior Consultant level to join our Cyber Security team in GDS Kerala location. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.


Your key responsibilities

A large part of your role will be engagement delivery and provide support to various stakeholders across MENA region. We’ll expect you to deliver DPP and cybersecurity engagements with very minimal supervision. We also expect you to support executives in development of proposals, presentations and other business development activities. You will be responsible for the delivering the requirements with quality of the Cybersecurity & DPP activities to our client.


You will have responsibility for;

  • Delivering cybersecurity engagements including development of cybersecurity strategy, cybersecurity governance, risk and compliance activities, development of
cybersecurity policies and procedures in line with ISO 27001 and ISO27701
  • Knowledge in information security and hands-on experience with key components of cybersecurity consulting incl.:
  • Cybersecurity assessments and road-mapping,
  • Cyber Transformation,
  • Security governance, risk and compliance,
  • Security Awareness,
  • Implementation experience on ISO 27001 end-to-end.
  • Experience in working independently or as part of a large team to delivery Cyber services on its own or within large complex projects.
  • Practical experience with conducting risk assessments and testing of controls
  • Excellent analytical skills and knowledge of data analytics methods
  • Possession of the CISA, ISO 27001 LA/LI certification or equivalent
  • Conducting Privacy Impact Assessments, analyse and document assessments, work out questionnaires and standard documentation.
  • Supporting the standardization of Risk and IT Control catalogues for regulatory compliance.
  • Deploy processes and tools to help detect and prevent privacy breaches.
  • Deploying Data leak prevention tools and implementation of endpoint protection.
  • Extensive knowledge in GDPR regulation and its requirements. Supporting and guide our clients in adhering to the complex web of relevant national and international regulations.
  • Ensuring a harmonized approach towards data protection and privacy by bringing together our client’s stakeholders (e.g. legal, compliance, risk, HR, security,
business functions…).
  • Assisting clients in privacy related incident response activities.
  • Supporting the client’s team by acting as an interim team member (e.g. security officer, security manager, security analyst).
  • Support the cyber executives with the development of proposals, presentations, etc.
  • Championing EY and the cyber security team, helping to attract and retain world-class talent
  • Contributing to the latest thought-leadership and industry research relating to cyber security
  • Excellent interpersonal, written, verbal, communication, and presentation skills
  • Excellent command in written and spoken English
  • Experience in managing professional service project teams

Your role will broadly constitute 80% engagement delivery and 20% business development.


Skills and attributes for success

An existing track record of successful engagement delivery in data protection & privacy and cyber security is expected of all candidates for this role. A Big 4 background or comparable consulting experience is highly advantageous. A broad background across DPP and security is expected with specific experience in two or more of the following areas, essential;

  • At least 6-9 years of sound industry experience in one or more of the following areas: cyber strategy and knowledge in Information security, privacy governance,
assessment, remediation, policies, procedures, data retention concepts and Data Classification implementation knowledge,
  • Familiar with GDPR regulatory requirements and other privacy regulations (MENA preferred)
  • Security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards,
ISO27001, NIST, SANS etc.
  • Data privacy, implementation of data protection / GDPR programmes to address confidentiality and security over customer, employee or patient data.
  • Cyber awareness programmes, design and delivery of cyber security awareness programmes to executive level or wider organisation
  • Excellent command in written and spoken English
  • Experience in managing professional service project teams


To qualify for the role, you must have

  • A bachelor's or master's degree
  • 6-9 years of experience in ISO 27001/DPP implementation and knowledge in Data classification
  • Certifications like ‘Certified Information Privacy Professional (CIPP)’ or ‘Certified Data Privacy Solutions Engineer’, GDPR implementation certified will be highly preferred
  • Security related qualifications such as ISO 27001 LI/LA, ISO27701, CISA
  • Excellent communication skills with consulting experience preferred
  • A valid passport for travel.


What working at EY offers

You’ll need to be highly motivated, a self-starter and a strong communicator with the ability and experience to discuss technical content in business language to board level. You’ll also need to be a team player who is not only looking to enhance their own career but recognises the value in developing others and strengthening the team. Plus, we offer:
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact.
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2021 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world.

Apply now


EY | Building a better working world


EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.


Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.


Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.