Senior Security Consultant - SDLC

Senior Security Consultant - SDLC

 

Location: Wrocław - 2 days in office / 3 days remote

 

Let us introduce you the job offer by EY GDS Poland – a member of the global integrated service delivery center network by EY.

 

Technology is central to EY’s operations and service delivery. With 250,000 professionals across 140+ countries, secure and efficient technology enables our people to work seamlessly—whether on laptops, mobile devices, or through internal and client-facing solutions. Technology drives innovation and underpins the services we provide.

EY Technology is organized into three business units:

• Client Technology (CT): Develops innovative technology services for clients, accelerating opportunity identification and delivery.
• Enterprise Workplace Technology (EWT): Supports core business services with cost-effective, user-centric technology infrastructure.
• Information Security (Info Sec): Protects EY and client data by preventing, detecting, and mitigating cyber risks.

 

The opportunity

 

As a Security Consultant within EY’s Client Service Security Consulting and Assurance team, you will be a trusted advisor to EY’s Strategy & Transactions and Sustainability service line. You will support global platforms, AI and analytics solutions, and line-of-business services. Your role includes reviewing security architectures, providing security guidance, prioritizing security requirements, promoting secure-by-design principles, and facilitating security throughout the system development life cycle (SDLC). You will also provide guidance in risk treatment and translate technical vulnerabilities into business risk language for stakeholders.

 

Your key responsibilities

 

• Define pragmatic security architectures balancing business benefits and risks.
• Collaborate with IT project teams throughout the SDLC to identify and implement security controls.
• Conduct risk assessments of information systems and infrastructure.
• Maintain and enhance the Information Security risk assessment methodology.
• Develop security configuration standards for platforms and technologies.
• Recommend risk treatment and mitigation strategies for identified security risks.
• Translate technical vulnerabilities into business risk terms and advise stakeholders on corrective actions.
• Share knowledge and provide technical support to team members.
• Serve as a Subject Matter Expert (SME) in assigned technologies with deep technical expertise.

 

Skills and attributes for success

 

• Strategic mindset to develop long-term risk management and security frameworks.
• Ability to balance security needs with business impact and benefits.
• Skilled in facilitating compromise to advance security objectives incrementally.
• Strong understanding of EY’s business objectives and ability to build cross-functional relationships.
• Collaborative team player who promotes security policy compliance.
• Experienced in leading meetings with diverse stakeholders, building consensus, and mediating compromises.
• Comfortable working in ambiguous and dynamic environments.
• Minimum five years’ experience in architecture, design, and engineering of web-based multi-tier systems or network infrastructures.
• Experience with security architecture and assessment of messaging, ERP, CRM, or data analytics solutions.
• Proficient in conducting risk, vulnerability, vendor, and third-party assessments with remediation recommendations.
• Familiarity with security standards such as ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT.
• Experience with cloud technologies and solutions, preferably Microsoft Azure.

 

To qualify for the role, you must have

 

• Advanced degree in Computer Science or related field, or equivalent experience.
• At least five years managing significant Information Security risk functions.
• Eight or more years in Information Security or IT roles.
• Proven ability to communicate security findings and recommendations effectively to IT teams and management.
• Exceptional judgment, tact, and decision-making skills.
• Adaptable to shifting priorities, ambiguity, and rapid change.
• Strong management, interpersonal, communication, organizational, and decision-making skills.
• Minimum two years’ experience with cloud architecture, design, and assessment.
• Proficient in English.

 

Ideally, you’ll also have

 

• GIAC certifications, CSSP, CISSP, CISM, or CISA are highly desirable or candidates actively pursuing these certifications.

 

What we offer

 

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across nine locations –  Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

 

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

 

About EY

EY | Building a better working world

 

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

 

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.

 

In compliance with the requirements of the Whistleblower Protection Act, our company has established the Procedure for reporting breaches of law and undertaking appropriate follow-up actions. Any misconduct should be reported through the EY Ethics Hotline.