At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Department/Area Function:
Information Technology (IT) Risk Management program is designed to identify, manage, measure, and mitigate risks in all IT Capabilities.
Maintaining and enhancing IT risk management framework. The framework is comprised of tools and processes to help:
Identify new risks, changes in risk, or relationships between risks,
Assess the scope and quality of internal controls, and
Monitor and escalate key matters of risk and control.
Maintaining the Process, Risk, and Control library and conduct management controls testing.
Formulating, disseminating, and administering IT risk management policy and procedures.
Providing risk and control consultation, and verification of control effectiveness to support organization goals and improving the IT control environment.Liaising with Legal, Information Security, Office of Corporate and Regulatory Compliance, and other subject matter experts within the organization to ensure that risks and appropriate mitigants are identified and communicated throughout the organization.
Position Summary:
The incumbent has primary responsibility of executing control testing, maintaining relationships with key stakeholders, and support targeted IT risk assessments (where applicable). The incumbent will execute and support day-to-day IT risk management activities, manage task deadlines, and participate in projects within assigned areas of responsibility. In carrying these responsibilities, the incumbent must work collaboratively with the IT Risk Management team, other risk & control functions, as well as with IT line management.
Position Summary:
The incumbent has primary responsibility of executing control testing, maintaining relationships with key stakeholders, and support targeted IT risk assessments (where applicable). The incumbent will execute and support day-to-day IT risk management activities, manage task deadlines, and participate in projects within assigned areas of responsibility. In carrying these responsibilities, the incumbent must work collaboratively with the IT Risk Management team, other risk & control functions, as well as with IT line management.
Experience:
1-3 years of experience in the field of IT Security / Information Security / Cyber Security.
Experience in working with IT Risk Management frameworks to identify, analyze, mitigate, monitor, and communicate IT risks
Experience in conducting IT controls validation and testing and identifying control deficiencies.
Interacting with stakeholders and staff to collect information requests.
Mandatory Requirements:
Comprehensive understanding of IT Processes Risk and Controls or experience in IT Audits and IT General Controls.
Conduct risk assessments for IT process, applications, network infrastructure assets.
Draft IT/Cyber risk assessment reports including findings, associated risks, and recommendations.
Demonstrate flexibility to travel to the customer locations / other EY offices, on need basis.
Provide coverage / overlap during US shift hours, as per the client requirement.
The incumbent would be hired based on Build, Operate and Transfer model and would be transferred to client payroll, as per the client requirements.
Preferred Requirements:
Demonstrated ability to work pro-actively with all levels of management and staff.
Highly motivated, detail-oriented, self-starter, who can set priorities, take initiative and work both independently and proactively in a dynamic team environment.
Excellent inter-personal skills with a highly developed customer service orientation, and ability to work effectively with all levels of internal staff, and external contacts.
Strong planning and project management skills.
Strong process mapping and data collection and analysis skills.
Good documentation and communication skills.
Education, Training &/or Certification:
Relevant professional qualifications such as MBA or MCA.
B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA IT/ having relevant experience with other Big3 or paneled IT/ ITES companies.
Relevant professional certifications such as, ISO27001 LA / LI preferred.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.