Full Time

Consulting – Technology Consulting, Cybersecurity – Staff – Guangzhou

Posted 1 month ago
Application ends: November 10, 2021
Apply Now

Job Description

Description – External

Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an consulting professional, you will be focused on helping them achieve this goal.

You’ll work in high-performing teams that deliver exceptional client service, enabling organizations to grow, innovate, protect and optimize their business performance – playing your part in building a better working world.

We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Responsibilities, Qualifications, Certifications – External

职责能力要求:

  • 网络安全技术咨询
  • 实施安全渗透测试、漏洞识别、源代码审阅等,并提出整改建议;
  • 熟悉主流渗透技术,具备一定攻防经验。
  • 安全运营服务
  • 具备安全运营中心SOC建设或运营经验,能为客户提供SOC构建咨询或持续的安全运营服务;
  • 熟悉主流SIEM平台,具备一定的应急响应、攻击溯源能力。
  • 网络安全管理咨询
  • 基于IT风险框架设计,评估和实施信息安全框架,策略,标准和过程;
  • 定制信息安全解决方案,为企业提供信息安全咨询服务,例如安全风险管理、身份和访问管理。
  • 网络安全合规咨询
  • 熟悉国内或国外主要市场的网络安全合规要求;
  • 协助客户评估与各项合规要求的差距,为企业提供安全合规建设服务。
  • 隐私/数据保护咨询
  • 定义数据保护政策,策略和流程;
  • 进行数据保护安全性检查和隐私评估;
  • 识别数据保护和隐私问题中的弱点,实施风险评估并向管理层提供实用建议;
  • 定义并实施信息分类策略和流程。

具备以上一类或多类职责能力要求者均可。

符合下列条件者优先:

  • 计算机科学,信息系统,工程或相关学科的学士/硕士学位和/或专业认证,如:CISSP,CISM,ISO 27001, OSCP, OSCE, OSWE, CEH, CIPM, CIPP等