Risk Consulting - Cyber - Senior Consultant - Multiple Cities

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

The opportunity

The objective of our consultingrisk services is to provide clients with a candid and reliable overview of their risk landscape. Our solutions can be used by our clients to build confidence and trust with their customers the overall market and when required by regulation orcontract.

For our Cyber Risk services the ideal candidate will be responsible for identifying evaluating and managing cyber risks across the organization. This role involves working closely with IT security teams and business units to ensure that our cyber risk posture is aligned with our business objectives and regulatory requirements..

Your key responsibilities

You will operate as a fieldwork leader to assist clients in employing proper information systems resources and controls to maximize efficiencies and minimize risk. You can expect to work with client personnel to analyze evaluate and enhance information systems facilitating the business internal control process and will assist clients and other Risk Assurance professionals in performing information technology control and security engagements.

Skills and attributes for success

• Collaborate with other members of the engagement team to plan the engagement and develop work program timelines risk assessments and other planning documents. Work with the engagement team to document the business processes dependent on information technology. Serve as a fieldwork leader by directing the daily progress of fieldwork informing supervisors of engagement status and managing staff performance.
• Demonstrate and apply a thorough understanding of complex information systems. Use knowledge of the current IT environment and industry IT trends to identify the engagement and client serviceissuesandcommunicate this information to the engagement team and client management through written correspondence and verbal presentations. Demonstrate and apply strong project management skills inspire teamwork and responsibility with engagement team members and use current technology and tools to enhance the effectiveness of deliverables and services.
• Conduct comprehensive cyber risk assessments to identify vulnerabilities threats and potential impacts to the organization.
• Develop and implement risk mitigation strategies and controls to protect against cyber threats.
• Collaborate with IT and security teams to ensure that cybersecurity policies and procedures are uptodate and effectively implemented.
• Monitor the cyber threat landscape and provide timely intelligence to relevant stakeholders.
• Facilitate risk management discussions with business leaders to ensure they understand their cyber risk exposure.
• Oversee the cyber risk management lifecycle including risk identification analysis response and monitoring.
• Coordinate with external partners such as insurance providers and cybersecurity firms to manage and transfer cyber risks where appropriate.
• Prepare and present risk reports and dashboards to senior management and the board of directors.
• Ensure compliance with relevant laws regulations and industry standards related to cybersecurity and data protection.
• Conduct training and awareness programs to promote a culture of cybersecurity across the organization..

To qualify for theroleyou must have

• A bachelors or masters degree
• Bachelors degree in Information Technology Cybersecurity Risk Management or a related field.
• Professional certifications such as CISSP CISM CRISC or similar are highly desirable.
• Minimum of 2 years of experience in cybersecurity risk management or a related role.
• Strong understanding of cybersecurity frameworks (e.g. NIST ISO 27001 and regulatory requirements.
• Proven experience in risk assessment methodologies and tools.
• Excellent analytical and problemsolving skills.
• Strong communication and interpersonal skills with the ability to convey complex information to nontechnical stakeholders.
• Ability to work independently and as part of a team in a fastpaced environment.
• We would expect for you to be available to travel outside of their assigned office location at least 50 of the time plus commute within the region (where public transportation often is not available). Successful candidates must workin excess of standard hours when necessary. A valid passport is required.

Ideally youll also have

• A bachelors or masters degree in business accounting finance computer science information systems engineering or a related discipline
• CPA CA CISA CISSP CISM CBCP CIA CIPP CGEIT certification is desired; noncertified hires are required to become certified to be eligible for promotion to Manager.
• Additional cloudbased certifications to credentialize but do not currently meet the rigor of the certification requirement above:
  • CCSP Certified Cloud Security Professional
  • CCSK Certificate of Cloud Security Knowledge
  • CCAK Certificate of Cloud Auditing Knowledge
  • Microsoft Certified: Azure Fundamentals
  • AWS Certified Cloud Practitioner
  • Google Cloud Digital Leader

What we look for

Were looking for passionate leaders with strong vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential this role is for you.

• Continuous learning: Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership: Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: Youll be embraced for who you are and empowered to use your voice to help others find theirs.