Cyber Managed Services Solution Lead 1
  • United Kingdom London
  • EY
1 year before
31.12.2023
Oversee and Govern
Cybersecurity Management
Job Description

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.


As digital threats to business become more sophisticated, investing in cybersecurity has never been more important. Some big names have seen their reputations affected by highly publicized leaks, and our clients are increasingly looking to us to provide simple, innovative and effective security approaches and processes to transform their Cyber posture. Join us as a Senior Manager and you’ll play a key role in making that happen across multiple industries across EMEIA.


Your Role


This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between supporting business development activities by providing tailored solutions, advising clients on transformation initiatives, delivering solution workshops, supporting market campaigns as well as work with technology ecosystem partners to incorporate suitable plug-ins. If you’re flexible and ready to adapt to a constantly changing environment, there’s no better place to develop your skills. Since you’ll be working directly with clients and regional client teams, some travel may be required.


Key Responsibilities but not limited to:


Perform the role of Solution Lead for taking CMS Solutions to clients across EMEIA.
Act as a Technical Presales to support opportunities around Cyber managed services solutions while working closely with other solutions leaders, product leads, alliance managers, managed services team members, delivery teams and Client executives for designated accounts/markets in support of key sales and account plans to achieve and exceed defined targets.
Be responsible for designing complex, multi-year, transformational managed services solutions that integrate People, process, technology and facility/location components into an effective and efficient solution, while considering data sovereignty and regulatory mandates.
Prepare proposals/Presentations/statement of work (SOWs) and respond to RFIs/RFPs by articulating EY’s CMS value proposition against the customer defined requirements and propose winning solutions, across the areas of Cyber Threat Intelligence, Threat Detection and Incident Response, Threat and Vulnerability Management, Data Privacy and Protection, Security Architecture and Operations, Identity and Access Management and Third Party Cyber Risk Management.
Work closely with Contract management and legal teams to ensure the proposed solution has the highest level of assurance along with well-defined service level management approach to effectively manage risk of engagements.
Act as a trusted advisor by engaging clients and EY client executives throughout the pre & post sales lifecycle – starting from providing solution briefings to capture Client technical & business requirements, propose technical solution, select suitable technology stacks, scope resources, effort estimation and other associated costs for the expected outcome - to deliver a successful business value proposition by achieving high level of customer satisfaction.
With your technical hands-on experience, you are expected to deliver engagements focused on developing business case (commercial and technical) for Cyber risk transformation and managed services and ensure client expectations are met by quality output.
Proactively participate in developing market-driven competitive service offerings around Cyber managed services and assist with developing content while working with regional teams including product management, sales, brand and communications, in-country cyber practice delivery teams and sector leaders.
Support and proactively engage with clients and industry on providing latest cyber trends, changes in the threat landscape and EY Cyber Managed services offering in internal/external events and publish thought leadership.
Ensure both personal and professional skills are kept up to date for successful execution of role.


Preferred experience:


5+ Years of core managed security services PreSales/Solution design and practice development experience.
Hands-on experience of successfully solutioning and delivering managed security services engagements across multiple cyber domains.
Experience in solutioning complex cyber managed services deals of size >5Mil USD.
Successful achievement of set goals/targets in the last three consecutive years.
Experience and exposure to onshore, offshore and nearshore delivery and operating models;
Expertise in constructing solutions with tiered and pay per use commercial models;
Experience working with key cybersecurity solutions and platforms, primarily around Identity & Access Management, Cyber Threat Intelligence, Threat Detection and Response, Cyber Analytics and Automation, Vulnerability Management, Third Party Risk Management, Cloud Security, Data Loss Prevention and Data Protection & Data Privacy.
Hands-On experience in tools such as Splunk, Elastic, Crowdstrike, Microsoft Security, ServiceNow, Palo Alto, Tanium, AttackIQ, Tenable, Qualys, Claroty, Nazomi, CyberX, Zscalar, BigID, Symantec, FireEye, Micro Focus, RSA, OneTrust.
In addition to vendor certifications, prefer to have certs like SABSA, ITIL, CISSP
Strong presentation skills and using of Microsoft Office suite.
Strong written and verbal communication skills – English (Must), German (preferable) and Other Regional Languages based on Markets (Preferable)


What We Look For


We’re interested in flexible professionals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. You’ll also need the confidence to give professional advice and guidance to colleagues and clients from a diverse range of cultures, often with limited information – both verbally and in writing. If you’re a fast learner, with strong influencing skills and a genuine passion for Cybersecurity, this role is for you.


What We Offer


As part of this role, you'll work in a highly integrated, global team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:


Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.


Please apply to this role only through the ‘Apply’ link (not through the local office). Your application will then be routed to the appropriate recruiting team.


The exceptional EY experience. It’s yours to build.


EY | Building a better working world


EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.


Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.


Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0026   Knowledge of business continuity and disaster recovery continuity of operations plans.
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0054   Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • K0059   Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • K0151   Knowledge of current and emerging threats/threat vectors.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0199   Knowledge of security architecture concepts and enterprise architecture reference models (e.g., Zachman, Federal Enterprise Architecture [FEA]).
  • K0287   Knowledge of an organization's information classification program and procedures for information compromise.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0086   Skill in evaluating the trustworthiness of the supplier and/or product.

Required Abilities
  • A0161  Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).
  • A0165  Ability to manage Communications Security (COMSEC) material accounting, control and use procedure.
  • A0167  Ability to recognize the importance of auditing Communications Security (COMSEC) material and accounts.
  • A0177  Ability to recognize the unique aspects of the Communications Security (COMSEC) environment and hierarchy.