ecurity Monitoring Services - IT:GIS:GO:SOS-P00075 - ARG000QE
The Security Monitoring Services Senior Associate, for Security Operations Services (SOS), provides internal security controls such as audits and related attestations to monitor internal critical business applications or systems for security compliance and indications of security risks aligned to EY’s Information Security and Security Operations Services policies for Information Technology (IT). The role’s remit considers such security control risk related activities as those that may result from terminated users, data anomalies as well as general department validation of compliance actions among other related activities. The role is also responsible for technical tasks at a level 2 of remediation that are assigned to the team in ServiceNow, IT’s service management tool, or through email requests to the Security Operations Compliance Services team via the group’s shared team mailbox. The role is also responsible for facilitating and gathering needed information for policy exception requests for all security objects to the firm’s compliance mandates as determined by such regulators as by the Office of the Chief Information Security Officer (CISO). The role is an individual contributor and is managed by the Security Monitoring Services Team Lead in SOS.
Essential Functions of the Job
- Provides global compliance and remediation services through the performance of security controls, audits and specific monitoring of internal critical business applications and systems for security compliance or noted risks as determined by EY’s Information Security and Security Operations Services policies as well as by the Office of the Chief Information Security Officer (CISO).
- Recognizes and applies the prescribed methodologies to monitor and maintain appropriate security controls that may result from the termination of end users, anomalies in data variables, as well as a general validation of IT department activities that can result in security issues
- Utilizes EY’s Global Information Security Policy: Code of Connection to identify adherence to the Firm’s current compliance processes and procedures
- Utilizes industry frameworks such as the International Organization for Standardization (ISO 27001) to examine compliance requests referred to SOS by Information Technology (IT) teams such as the GO Service Desk to identify opportunities for operational efficiencies and risk mitigation
- Performs audits and other due diligence activities to gather necessary information, document policy exceptions or request for same from the affected business groups and to provide details for review and approval by the Information Security Team.
- Provides appropriate response to internal requests identified via IT staff as well as requests escalated from the Global Operations (GO) Service desk in ServiceNow on such matters as policy exceptions to the firm’s compliance mandates
- Performs various departmental security audits to ascertain appropriate steps to return to compliance with the firm’s standard for security compliance including but not limited to:
- Performs audits, such as the identification of terminated users to validate that system access privileges were removed on a timely basis in compliance to firm directives.
- Identifies opportunities to streamline processes and/or procedures to strengthen security control measures
- Identifies, analyzes and escalates noted patterns in incidents associated with EY security mandates to recognize trends and identify training opportunities utilizing reports and metrics generated from the ServiceNow application
- Assists, as part of a team of skilled technicians, in technical support tasks at a level 2 of remediation and other activities for compliance security improvements in response to specific EY identified mandates or to align the compliance security to industry standards
- Guides more junior members of staff on best practices to perform tasks or activities that require such specific guidance to guide their success
- Well defined analytical skills to conduct effective issue analysis so that key issues are properly identified and effective solutions are provided. Uses analytics to identify issues for solution as well as escalation for security issues and breaches that have wider impact.
- Working knowledge of Information Technology Infrastructure Library (ITIL) to identify industry standards and procedures for Incident, Problem, Change and Knowledge as required by the role’s remit.
- Working knowledge of ISO 27001 to identify industry standards and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes.
- Takes an active role in building and advancing knowledge of EY’s Information Security and Security Operations Services policies and compliance directives with specific focus on internal critical business applications and systems for security compliance.
- Solid familiarity of EY’s businesses supported within the location to recognize the impact of security technology audit issues to a specific business unit and to engage and participate with confidence on escalating issues that impact a particular desktop, business or location.
- Strong advanced interpersonal skills to adapt personal communication styles to the style of others, to engage, as a thought leader, with all levels of the organization, staying calm under pressure and to maintain the credibility the business has in SOS technical support.
- Advanced time management skills to prioritize workload and work through issues and incidents with efficiency and guide others in same
- Strong oral and written communication skills in the English language to work effectively with all levels of end users and IT personal
- Advanced knowledge in current and future features of aligned technology to the role’s remit including but not limited to:
- IT’s current platform technologies as used by Security Audit Management services including Structured Query Language (SQL), SQL/Oracle database knowledge, Advanced PowerShell scripting skills, Visual Basic for Applications, PowerBroker
- Knowledge of data sources, Human Resources (HR) , Active Directory and Asset Management
- Knowledge of Identity and Access Management (IAM) services as a means to collaborate with this group in GO and IT.
- IT service management tool, ServiceNow, to record incidents and remediation as well as guide others in features and functions.
- Approximately 3-5 years of experience in computer information security.
Should hold one of the following or equivalent certifications:
Certification of Chief Information Security Officer (CCISO)
Certified Information Systems Security Professional (CISSP)
Global Information Assurance Certification (GIAC) in related area
Information Technology Infrastructure Library (ITIL v2 or v3 Foundations training)