At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

The Opportunity 

The security engineer role works to improve the security controls posture of our clients by translating architecture designs into functioning` security controls.

The security engineer will have hand on experience with cloud, CI/CD, security test automation, containerisation, AppSec tooling, and SaaS-based deployments. In addition, the security engineer is expected to quickly understand vendor solutions used by clients and be able to interact with client technology and security teams. Strong coding experience is desired as well (such as Python, Java, Go, JavaScript, Bash, and PowerShell).

The Security Engineer will:

• Understand technical security concepts and be able to practically apply them in client environments; 

• Be proficient in modern development and deployment practices such as infrastructure as code, and continuous integration and continuous delivery;

• Strong understanding in at least one major cloud platform (AWS, Azure, GCP);

• Be able to pick up new technologies when client requirements apply (WAFs, firewalls, routers, switches, and other security appliances);

• Understand concepts of security operations; Be willing to at times go high level to discuss security posture with less technical clients and colleagues;

• Review security significant stories to assess completeness and safety against the acceptance criteria;

• Understand how development processes work and review contributions to projects for security acceptance; Can call out flaws in a process, solution, or implementation; and

• Identifies security automation opportunities where possible to allow security self-service on some projects.

Technical knowledge and hands-on capability required in the below areas:

• DevSecOps and DevOps tools and frameworks; 

• Privileged access management and IAM; 

• Vulnerability and configuration scanning (SCA, SAST tools, container); 

• Secrets and cryptographic key management; 

• Application security such as OS hardening; WAF; web application security; API security; authorisation etc; 

• Data and DB security, hardening, and encryption and key management; and

• Network security/encryption in transit.

What we offer

• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

• Continuous learning: personalised career development including coaching, experiences and formal learning so you’ll develop the mindset and skills you’ll need to thrive in the future.

• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.