Risk Consulting - TPRM - Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

EY-Digital Risk – Third Party Risk Management

At EY, we’re all in to shape your future with confidence. 

Join EY and help to build a better working world.

As part of our Risk Consulting, you will be joining the Digital Risk Consulting Team.

The opportunity

We’re looking for Manager with expertise in Third Party Risk Management and IT Audit to support our clients across a range of Third Party Risk Management (TPRM) issues and challenges and enable our clients to better manage the broad range of risks in their increasingly complex supply chains. Working with team, you will also perform IT Risk assessment, IT Governance review, Cybersecurity and BCM audits. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.

Your key responsibilities

• Champion the use of emerging technologies (e.g., AI, automation, continuous monitoring platforms) to enhance TPRM capabilities.
• Design TPRM framework, operating model, methodology and procedures
• Implement TPRM process for client and manage the assessment lifecycle as per the design
• Perform assessment with vendors across the IT, Cybersecurity, BCM and Data Privacy domains.
• Prepare reports and present the status to EY engagement leadership and client project management
• Ensure team members are executing the assessment to minimum expected quality
• Conduct Meetings, IT security revies, IT internal control testing, develop IT internal audit plans, conduct IT audit closure meetings and provide other IT internal audit services for the MENA stakeholders.
• Prepare audit plans and risk control metrices
• Assess the client’s current state IT and Cybersecurity internal controls for the client's environment and identify risks and subsequent recommendations.
• Deliver exceptional client service experience while advising on complex process issues
• Provide subject matter guidance on evolving regulatory frameworks (e.g., DORA, NCA framework, SAMA framework) and their impact on third-party ecosystems.
• Managing a portfolio of TPRM engagements with our clients, responsible for the day-to-day running of the engagements including meeting quality, time and budget targets
• Drive the design and implementation of scalable TPRM operating models and tooling (e.g., ServiceNow VRM, Archer, ProcessUnity).
• Create a positive team environment and provide coaching and support for junior staff

Skills and attributes for success

• Experience conducting third party risk assessments against global/MENA specific standards/regulations
• Expertise in IT/InfoSec internal control testing, Cybersecurity and Business Continuity Management (BCM) audits
• Able to manage Senior stakeholders in the audit domain.
• Experience in leading teams to execute IT audit/Risk Management, Cybersecurity and BCM audits within stipulated timeline along with high quality deliverables.
• Excellent communication and stakeholder management skills.

To qualify for the role, you must have

• Project experience and client knowledge gained from professional practice across a number of TPRM engagements, including aspects of Compliance, IT Risk Management, Cyber, Resilience, and Privacy.
• Excellent understanding of National and International Security Standards (e.g., NIST, ISO27001), reporting standards (e.g., SOC/ISAE), and privacy or TPRM regulations, such as UK Data Protection Act, GDPR, DORA, NCA ECC, SAMA Framework..etc.
• Willingness to travel
• Excellent written and verbal communication skills for report writing, client presentations, and project management
• At least 7 years of relevant experience (desirably within resilience, cyber, or TPRM). Preferably with experience in a consulting role in a leading consultancy firm.
• Proven track record of delivering complex, multi-stakeholder programmes in regulated industries
• Excellent communication skills with consulting experience preferred

Ideally, you’ll also have

A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline.

Industry related certification preferred (e.g., CISSP, CISA, CISM, CRISC, ISO27001 Lead Implementer/Auditor)

Solution related experience, such as the use of platforms like ProcessUnity, ServiceNow, and Azure

What working at EY offers

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.