Job Description

At EY were all in to shape your future with confidence.

Well help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

The Global Information Security Strategist is a senior role responsible for shaping and implementing the long-term information security strategy of the firm. This individual will work closely with the Global Lead for Information Security Strategy and Research to ensure that security initiatives not only protect the firms assets and reputation but also enable business objectives. The strategist will combine deep knowledge of emerging technologies and threats with strong business acumen to drive security programs that align with the companys global strategy and operational needs. This role involves high-level collaboration strategic planning and leadership to keep the Information Security program a step ahead of evolving business demands and cyber risks.

Key Responsibilities:

• Strategic Program Development: Define and drive the development of long-term information security program strategies that support the firms business objectives. Ensure security goals processes and resources are aligned with overall corporate strategy and priorities with clear targets for success.
• Business & Leadership Consulting: Collaborate with senior business and technology leaders to understand short- and long-range business plans. Recommend security strategies and solutions that anticipate future changes in services technologies and client requirements ensuring the security program stays ahead of the curve.
• Stakeholder Alignment & Adoption: Work across global business and technology teams to build awareness on security initiatives. Rationalize and present recommendations to stakeholders and champion the security strategy across the organization. Drive organization-wide adoption of strategic security initiatives resulting in consistent risk reduction and improved security posture.
• Program Evaluation & Improvement: Analyze the Information Security programs operational effectiveness processes and stakeholder feedback. Identify areas for improvement and optimize processes to increase program effectiveness and agility ensuring the security program remains a competitive advantage for the firm.
• Research & Trend Analysis: Monitor and evaluate emerging security technologies industry trends and evolving threat landscapes. Determine how these developments could impact the firm and its security posture. Use these insights to proactively adapt and evolve the security strategy so the program is prepared for future threats and business needs.
• Innovation & Initiative Planning: Identify strategic opportunities for innovation within the security program. Plan and propose research initiatives or pilot projects to explore new security solutions architectures or processes that could strengthen the program. This includes developing business cases for new investments or approaches.
• Early Engagement in Technology Projects: Partner with teams in Information Security Enterprise Technology and Client Technology. As new capabilities are conceived and adopted work with these teams to develop approaches that address security and business needs from the outset.
• Executive Reporting & Guidance: Support and guide senior executive decision-making. Prepare and present high-level analyses strategic plans and roadmaps to executive leadership. Provide clear recommendations for the adoption of new capabilities or approaches backing them with data-driven insights and projections.
• Subject Matter Expertise and Education: Serve as a subject matter expert in information security. Maintain a deep understanding of the firms technology portfolio security architecture and the business operations of the firm including how different service lines function. Use this expertise to educate business units on the Information Security programs strategic direction and to ensure security strategies are well understood and embraced across the organization.
• External Awareness & Partnership: Build and maintain strong relationships with both internal and external partners to stay informed about potential strategic shifts in technology security and business operations. Leverage these relationships to inform the firms security strategy and ensure that architecture engineering and operations teams are prepared for changes impacting the industry.

Required Qualifications & Skills:

• Experience: Minimum 10 years of experience in roles involving strategy development organizational change or business process improvement with a strong track record of driving business impact. At least 10 years of experience in Information Security or Information Technology domains demonstrating increasing responsibility and breadth of scope.
• Education: Bachelors or Masters degree in Computer Science Information Security Information Technology or a related field. An equivalent combination of education and experience will also be considered.
• Strategic Leadership: Exceptional program leadership and stakeholder management skills. Proven ability to lead cross-functional initiatives in a global organization aligning diverse teams (security IT and business) through influence and relationship-building rather than formal authority.
• Business Acumen: Strong business acumen with the ability to understand the companys business model and industry (including consulting and audit/assurance services). Capable of translating business needs into security program requirements and articulating the value of security initiatives in business terms.
• Communication Skills: Excellent communication and presentation skills. Able to effectively convey complex concepts and strategies to both technical teams and non-technical executive audiences. Advanced English writing skills are required for clear documentation and strategic plan writing.
• Technical Depth: Broad and deep knowledge of information security domains and technologies including cybersecurity architecture risk management identity and access management (IAM) incident response and emerging threat mitigation techniques. Able to dive into technical details and also abstract them into high-level insights for decision-makers.
• Results Orientation: Demonstrated track record of delivering results in complex matrixed environments. Able to manage multiple high-priority initiatives simultaneously meet deadlines and drive projects to completion. Experience in driving adoption of new processes or capabilities across an organization is essential.

Preferred Qualifications:

• Global/Enterprise Experience: Experience working in a large multinational company with exposure to global teams and an understanding of how to navigate a complex enterprise environment. Experience collaborating across different regions and time zones is a plus.
• Industry Knowledge: Familiarity with professional services businesses such as consulting or assurance (audit). Understanding the dynamics of a partnership or client-serving organization can help in aligning security strategies to such environments.
• Standards & Frameworks: Knowledge of and experience with common information security frameworks and standards (e.g. ISO 27001/27002 NIST CSF CSA CIS Controls etc.).
• Certifications: Relevant security certifications are a plus such as CISSP SABSA or other industry-recognized credentials demonstrating a commitment to professional development and expertise in security strategy/architecture.
• Product Security Lifecycle: Experience with product management or secure development lifecycle (SDLC) practices. For example having worked on integrating security into the product or software development process.

About the Role:
In this role the Global Information Security Strategist will join a high-performing team dedicated to advancing the firms security posture in alignment with business goals. Success in this position means you will effectively bridge business strategy with deep cybersecurity insight ensuring that the company not only defends against current and future threats but also enables secure innovation and growth. You will be expected to collaborate with a wide range of stakeholders and act as a change agent guiding the organization toward a resilience-focused forward-looking security program. This is a challenging and influential position ideal for a strategic thinker with a passion for cybersecurity and the ability to drive organizational change.

What we offer you
The compensation ranges below are providedin order tocomply withUnited States pay transparency laws. Other geographies will follow their local salary guidelines which may not be a direct conversion of published US salary ranges. At EY well develop you with future-focused skills and equip you with world-class experiences. Well empower you in a flexible environment and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more.

• We offer a comprehensive compensation and benefits package where youll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $152700 to $294000. The base salary range for New York City Metro Area Washington State and California (excluding Sacramento) is $183300 to $334100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education experience knowledge skills and addition our Total Rewards package includes medical and dental coverage pension and 401(k) plans and a wide range of paid time off options.
• Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external client serving roles to work together in person 40-60% of the time over the course of an engagement project or year.
• Under our flexible vacation policy youll decide how much vacation time you need based on your own personal circumstances. Youll also be granted time off for designated EY Paid Holidays Winter/Summer breaks Personal/Family Care and other leaves of absence when needed to support your physical financial and emotional well-being.

Are you ready to shape your future with confidence Apply today.
EY accepts applications for this position on an on-going basis.

For those living in California please click here for additional information.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

EY Building a better working world

EY is building a better working world by creating new value for clients people society and the planet while building trust in capital markets.

Enabled by data AI and advanced technology EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance consulting tax strategy and transactions. Fueled by sector insights a globally connected multi-disciplinary network and diverse ecosystem partners EY teams can provide services in more than 150 countries and territories.

EY provides equal employment opportunities to applicants and employees without regard to race color religion age sex sexual orientation gender identity/expression pregnancy genetic informationnational origin protected veteran status disability status or any other legally protected basis including arrest and conviction records in accordance with applicable law.

EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process please call 1-800-EY-HELP3 select Option 2 for candidate related inquiries then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EYs Talent Shared Services Team (TSS) or email the TSS at .

Required Experience:

Director

Job Tags

Similar Jobs