At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

 
JOB DESCRIPTION–STAFF –Risk Consulting- IT Risk Management

Job Summary
In your role as a staff member in Information Technology Risk Management (ITRM) within Risk Consulting, you will provide technical support to client engagements and internal initiatives aimed at transforming risk. You will be responsible for recognizing potential risks during engagements and communicating any concerns to the senior team members.

Client responsibilities

Ability to collaborate effectively within Information Technology Risk Management (ITRM) project teams
Positive approach to teamwork, taking ownership, and exchanging knowledge
Engage with the project team to ensure open communication, identify potential risks, and discuss strategies for risk mitigation
Competence in designing and suggesting solutions tailored to customer needs based on their specified requirements
Assist in the creation of reports and schedules that will be presented to clients and relevant stakeholders
Contribute to the development of reports and timetables for delivery to clients and other interested parties.
Build and keep up constructive working relationships with client contacts.
Willingness to travel to client sites or other EY offices as required.
Strong skills in documentation and communication.

People responsibilities

Professionals with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment
Works cross-functionally with team members to support and drive a collaborative team environment
Understands client s business environment and basic risk management approaches

Mandatory skills requirements

Possessing 1-3 years of expertise in IT Security, Information Security, Cyber Security, or Cloud Security
Proficient in conducting IT Audits, managing IT General Controls, and IT Attestation (including SOC1/SOC2 Reporting), as well as SOX-ITGC compliance
Understanding of IT Risk Management frameworks for the identification, analysis, mitigation, monitoring, and communication of IT risks
Experienced in validating IT controls, conducting tests, and pinpointing control gaps
Ability to create IT/Information security policies, standards, and guidelines
Familiar with leading industry frameworks and standards such as NIST-CSF, ISO27001, ITIL, COBIT, PCI-DSS, CSA-CCM, CCSK, ISO27017, and others

Preferred skills

Experience in conducting IT Risk Assessments and IT Controls Testing
B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science) /M.E. / M.Tech, MBA/M.Sc. having experience with other Big3 or panelled IT/ ITeS companies

Certifications (Preferred)

Relevant professional certifications such as ISO27001, ITIL, COBIT, etc.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.