Cyber Senior Manager
  • South Africa Cape Town
  • EY
1 year before
31.12.2023
Oversee and Govern
Cybersecurity Management
Job Description

EY Technology


At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.


If you want to be part of an organization where technology, processes, change management and people all share an equal part you should join our team! We are looking for people who are interested in the Microsoft Ecosystem.


The opportunity


EY’s cyber security practice is one of the fastest growing areas of the business with significant ambition for the future through additional recruitment and acquisition.


EY is looking for experienced team members who can advise organisations on how to manage their security appropriately.


The role will see you providing specialist advice as part of large multi-discipline EY engagement teams working on the likes of cyber transformation, architecture and migration, supporting specific security engagements reviewing a client’s cyber maturity, advising on improvement roadmaps, assessing a client’s compliance with industry leading practice standards, or optimising cyber defence operations. We value flexibility and breadth of experiences and you may also provide support to other cyber disciplines such as identity and access management, data protection or ‘next generation’ security operations.


You will work with colleagues both in South Africa, the Rest of EMEIA and globally to develop new and innovative solutions and specific industry propositions that solve client problems/issues and integrate with their overall IT delivery and support strategy. In addition to the above, you will have an opportunity to work across all aspects of Cyber, Technology and Business Consulting.


Your Key Duties And Responsibilities


Your responsibilities will include but are not limited to:


Leading a portfolio of large, complex, cyber projects
Work across a portfolio of cyber security engagements with our clients, responsible for the day to day delivery of engagement activity contributing to the achievement of quality, time and budget targets
Creating high quality reports as part of a team, for review by engagement and project leaders.
Identifying sales opportunities and working with senior practice leaders and market leaders in the creation of proposals and marketing material.
Leading and developing junior team members by sharing knowledge, acting as mentor and coach to them and leading by example.
Creating thought leadership and market materials for selling and promoting EY cyber security offerings


Skills and attributes for success:


We are looking for someone who has:


Ambition to develop a career within EY specialising in cyber security
Ability to develop and deliver high quality output against stated project objectives and meet tight deadlines
Ability to work under limited supervision (‘self-starter’) in unstructured environments
Strong interpersonal skills, comfortable working with a diverse range of personalities across client and partner organisations
Be professional, quickly establishing personal credibility and demonstrating expertise
Be a good communicator with the ability to contribute assuredly to security discussions with peers
Be a team player who is not only looking to enhance their own career but recognises the value of teamwork, facilitating and encouraging collaboration amongst team members
Take a practical approach to solving issues and gaining client agreement
Be able to analyse complex problems and to deliver insightful, practical and sustainable solutions.
Be confident and effective in recognising and managing potential issues during client assignments
Structure and manage projects which meet client expectations and mitigate any risks or issues


To qualify for the role you must have

Professional experience delivering cyber security either in an operational or consulting role, including:
Cyber Security architecture design and implementation, including Cloud
Security Operations Centres (SOC)
Identity & Access Management (IAM)
Data Loss Prevention and Data Protection
Security assessments related to threat, vulnerability and penetration testing
Cyber strategy and governance
High level of drive, commitment to achieving solutions, and ability to work under pressure
Ability to develop impactful written presentations and participate effectively in meetings with senior stakeholders
Ability to work under limited supervision (‘self-starter’) in unstructured environments
Experience working with others in the development and delivery of complex solutions and/or proposition development


Ideally, you’ll also have


Security related qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI or IAPP. We value practical experience so welcome applications from those who do not hold, or are still working towards their qualifications.
Key delivery experience in the following security disciplines: security architecture, security operations, cyber strategy, transformation and compliance
Key sector experience in one or more of the following: Government & Public sector / Energy & Utilities / Retail and Consumer products / Financial Services – Banking & Insurance
Professional services experience working with market leading organisations in the delivery of their cyber solutions


What We Look For


We’re interested in passionate leaders with a strong vision and a desire to stay on top of trends in the Cyber Security space. If you have a strong passion for helping businesses protect their digital assets, this role is for you.


What We Offer


Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Continuous learning: personalised career development including coaching, experiences and formal learning so you’ll develop the mindset and skills you’ll need to thrive in the future.
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.


At EY, you’ll be rewarded and recognised based on your performance and our comprehensive benefits package can be tailored to your individual needs.


We hold a collective commitment to foster an environment where all differences are valued and respected, practices are equitable and everyone experiences a sense of belonging.


The exceptional EY experience. It’s yours to build!


EY | Building a better working world


EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.


Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.


Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.


The preferred applicant will be subject to employment screening by EY or by their external third party provider.

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0059   Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • K0007   Knowledge of authentication, authorization, and access control methods.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0199   Knowledge of security architecture concepts and enterprise architecture reference models (e.g., Zachman, Federal Enterprise Architecture [FEA]).
  • K0622   Knowledge of controls related to the use, processing, storage, and transmission of data.
  • K0285   Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.
  • K0047   Knowledge of information technology (IT) architectural concepts and frameworks.
  • K0194   Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
  • K0249   Knowledge of sustainment technologies, processes and strategies.
Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
  • S0138   Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
Required Abilities
  • A0033  Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
  • A0023  Ability to design valid and reliable assessments.
  • A0129  Ability to ensure information security management processes are integrated with strategic and operational planning processes.
  • A0130  Ability to ensure that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control.