At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
JOB DESCRIPTION–SENIOR –Risk Transformation-EGRC- IT Risk Management
Job Summary
As Risk Advisory Senior, you’ll contribute technically to Risk transformation client engagements and internal projects. You’ll also identify potential business opportunities for EY within existing engagements, and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.
Client responsibilities
Ability to work as a team lead within IT Risk Management (ITRM) projects
Right attitude towards teaming, ownership, and knowledge sharing
Work back with the project team to maintain transparency in communication, highlight risks and share mitigation plan
Ability to visualise and propose solutions to customers based on the requirements shared
Help prepare reports and schedules that will be delivered to clients and other parties
Develop and maintain productive working relationships with client personnel
Planning and monitoring of the project deliverables for the team
Mentor the project team in executing the project deliverables
Regular status reporting to the project manager and onsite coordinators
Demonstrate flexibility to travel to the customer locations / other EY offices, on need basis
Good documentation and communication skills
People responsibilities
Conduct performance reviews and contribute to performance feedback for the team
Foster teamwork, quality culture and lead by example.
Understand and follow workplace policies and procedures
Train and mentor the project resources and team members
Mandatory skills requirements
5-9 years of experience in the field of IT Security / Information Security / Cyber Security / Cloud Security
Experience in IT Audits, IT General Controls, IT Attestation (SOC1/SOC2 Reporting), SOX-ITGC, etc.
Experience in working with IT Risk Management frameworks to identify, analyse, mitigate, monitor and communicate IT risks
Conduct risk assessments for process, applications, network infrastructure assets, and vendors
Draft IT/Cyber risk assessment reports including findings, associated risks and recommendations
Develop Key Risk Indicators (KRIs) and creating dashboards for continuous monitoring of the risks
Experience in conducting IT controls validation and testing, and identifying control deficiencies
Develop IT / Information security policies, standards and procedures
Experience in working with leading industry standards such as NIST-CSF, ISO27001, ITIL, COBIT, PCI-DSS, CSA-CCM, CCSK, ISO27017, etc.
Experience working on various cloud platforms such as Azure, AWS, GCP, etc. would be a plus
Well versed with the security design concepts and should be able to drive discussions for IT risk management along with the customer
Preferred skills
Experience in conducting awareness training and workshops on IT Risk Management
Demonstrated track record with a consulting organization and/or a blue-chip organization
Demonstrated experience in delivery of engagements and client management
Relevant professional qualifications such as CA, MBA, MCA, MS
B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc. having experience with other Big3 or panelled IT/ ITeS companies.
Certifications (Preferred)
Relevant professional certifications such as CISA, CISSP, CRISC, ISO27001, ITIL, COBIT, etc.
Certifications in Cloud platforms such as Azure, AWS, GCP, etc.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.