GDS Consulting | Cyber Security Senior Consultant

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Cybersecurity Senior Consultant
This role requires a strong understanding of cybersecurity concepts, cloud security best practices, and risk 
management frameworks. The ideal candidate should have experience working with multiple Cloud Service Providers 
(CSPs) like Azure, AWS, and GCP, and possess knowledge in application security, network security, identity & 
access management (IAM), DevSecOps, and security operations.
Specific Role Responsibilities:
Application Security:
• Evaluate, design, and implement secure application architectures.
• Conduct threat modeling and security design reviews for new technologies.
• Collaborate with development teams to ensure secure coding practices (OWASP Top 10, API Security).
• Assist in vulnerability assessments and remediation guidance.
• Support DevSecOps integration into development pipelines.
Cloud Security:
• Assist in architecting and implementing secure cloud solutions (AWS, Azure, GCP).
• Identify security risks in cloud environments and recommend mitigations.
• Monitor cloud systems for misconfigurations, threats, and vulnerabilities.
• Contribute to incident response and recovery processes in cloud environments.
• Exposure to Terraform and Infrastructure as Code (IaC) is a plus.
Infrastructure Security:
• Support infrastructure security controls (firewalls, IDS/IPS, VPN, network segmentation).
• Help manage Identity & Access Management (IAM) policies (RBAC, MFA, SSO).
• Basic knowledge of Wireshark for packet analysis is beneficial.
• Participate in security evaluations of new solutions and products.
Threat Risk Assessments:
• Assist in identifying and assessing potential threats to systems and assets.
• Contribute to risk assessments using standard methodologies (DREAD, STRIDE, FAIR).
• Work with teams to develop risk mitigation strategies.
• Exposure to SCADA/OT security concepts is an advantage.
Collaboration & Documentation:
• Work closely with security teams and stakeholders on cybersecurity initiatives.
• Support in creating security design documents and risk assessment reports.
• Maintain up-to-date documentation on security controls and IAM policies.
Qualifications:
Must-Have:
• Bachelor’s degree in Computer Science, Cybersecurity, IT, Engineering, or related field.
• Understanding of core cybersecurity principles, including authentication, access control, and risk 
management.
• Familiarity with cloud security concepts (AWS, Azure, GCP).
• Basic networking knowledge (CISCO, firewalls, VPNs, network segmentation).
• Hands-on experience or coursework in security fundamentals (OWASP Top 10, SIEM basics, IAM, threat 
modeling).
• Ability to work both independently and in a team environment.
• Strong communication skills to collaborate with stakeholders.
• 5+ years of experience with cybersecurity
• Willingness to work on graveyard shift.
Advantageous (Nice-to-Have):
• Experience with DevSecOps, Terraform, or Infrastructure as Code (IaC).
• Familiarity with SIEM platforms (Sentinel, GuardDuty, Splunk).
• Understanding of IAM technologies (OAuth2, OpenID Connect, SAML 2.0).
• Exposure to risk assessment methodologies and frameworks (ISO 27001, NIST, CIS, etc.).
• Basic knowledge of SCADA/OT security and industrial protocols (Modbus, DNP3, Nozomi Networks).
• Scripting skills in Python, Java, SQL, Bash, PowerShell.
• Certifications such as CompTIA Security+, TOGAF, CCSP, AWS/Azure Architect/Security Specialty, CISSP 
(preferred but not required).

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.