FS-RC-RT- IT Risk Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

JOB DESCRIPTION--Manager –Risk Transformation-EGRC- IT Risk Management

Job Summary
As Risk Advisory Manager, you’ll contribute technically to Risk transformation client engagements and internal projects. You’ll also identify potential business opportunities for EY within existing engagements, and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.

Client responsibilities

• Proven ability to work as a team lead within IT Risk Management (ITRM) projects
• Right attitude towards teaming, ownership, and knowledge sharing 
• Work back with the project team to maintain transparency in communication, highlight risks and share mitigation plan
• Ability to visualise and propose solutions to customers based on the requirements shared 
• Help prepare reports and schedules that will be delivered to clients and other parties
• Develop and maintain productive working relationships with client personnel
• Planning and monitoring of the project deliverables for the team
• Mentor the project team in executing the project deliverables
• Regular status reporting to the project manager and onsite coordinators
• Demonstrate flexibility to travel to the customer locations / other EY offices, on need basis
• Good documentation and communication skills

People responsibilities

• Conduct performance reviews and contribute to performance feedback for the team
• Foster teamwork, quality culture and lead by example.
• Understand and follow workplace policies and procedures
• Train and mentor the project resources and team members

Mandatory skills requirements

• 9+ years of experience in the field of IT Security / Information Security / Cyber Security / Cloud Security
• Experience in IT Audits, IT General Controls, IT Attestation (SOC1/SOC2 Reporting), SOX-ITGC, etc.
• Experience in conducting IT controls validation and testing, and identifying control deficiencies
• Experience in working with IT Risk Management frameworks to identify, analyse, mitigate, monitor and communicate IT risks
• Experience in conducting risk assessments for process, applications, network infrastructure assets, and vendors
• Draft IT/Cyber risk assessment reports including findings, associated risks, and recommendations 
• Develop Key Risk Indicators (KRIs), Key Performance Indicators KPIs and creating dashboards (in MS Excel or PowerBI) for continuous monitoring of the risks
• Develop IT / Information security policies, standards and procedures
• Experience in working with leading industry standards such as NIST-CSF, ISO27001, ITIL, COBIT, PCI-DSS, CSA-CCM, CCSK, ISO27017, etc.
• Experience working on various cloud platforms such as Azure, AWS, GCP, etc. would be a plus
• Well versed with the security design concepts and should be able to drive discussions for IT risk management along with the customer

Preferred skills

• Experience in conducting awareness training and workshops on IT Risk Management
• Demonstrated track record with a consulting organization and/or a blue-chip organization
• Demonstrated experience in delivery of engagements and client management
• Relevant professional qualifications such as CA, MBA, MCA, MS
• B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc. having experience with other Big3 or panelled IT/ ITeS companies.

Certifications (Preferred)

• Relevant professional certifications such as CISA, CISSP, CRISC, ISO27001, ITIL, COBIT, etc.
• Certifications in any cloud platforms such as Azure, AWS, GCP, etc.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.