As a Security Consultant, the individual will provide security guidance to internal IT project teams responsible for delivering ET and Info Sec IT solutions, with a focus on Networking / infrastructure technology. The Security Consultant will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout the system development life cycle (SDLC) in an agile environment.

**Your key responsibilities**

The Security Consultant is expected to perform risk assessments of ET and Info Sec infrastructure solutions; develop appropriate risk treatment and mitigation options; effectively articulate findings and recommendations to internal customers and management; and The Security Consultant will be expected to work on multiple projects and tasks concurrently.

**Responsibilities, Qualifications, Certifications - Internal**

**Skills and attributes for success**
- A solid understanding of security and security tools in 1 or many of the following areas: network, operating systems, databases, encryption, access controls
- Translate technical vulnerabilities and security risks into business risk terminology for business units and recommend corrective actions to customers and project stakeholders.
- Ability to document and produce meaningful artefacts on risk assessments, engagement Statements of Work,



process, minimum security baselines and presentations on security risks.
- Manage customer expectations and deliver quality security consulting services while balancing business objectives with security requirements.
- Ability to partner with technical teams in a practical manner when conflicting interests arise while preserving EY core security principles and policies.
- Ability to lead a cross functional team to facilitate and enhance the understanding & compliance to security policies.

**To qualify for the role, you must have**
- A minimum of 8-10 years of experience in an Information Security or Information Technology discipline.
- Working experience in performing security risk assessments for information systems and developing appropriate risk treatment and mitigation options to address security risks identified during security reviews or risk assessments.
- Excellent interpersonal, communication, organizational and project management skills.
- Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change.

**Ideally, you’ll also have**
- An SSCP or other ISC(2) designation
- Knowledge of common information security standards and risk analysis methodologies, such as: ISO 27001/27002, NIST, PCI, COBIT, ISF IRAM2, and OWASP.

📌 Application Security Architect - Ey Global Delivery (Buenos Aires)
🏢 EY
📍 Buenos Aires