Risk Consulting - Digital Risk - Senior - Dev Sec

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

The opportunity

The objective of our Digital Risk Consultingservice is to support clients with the development implementation improvement and modernization of their technology risk and compliance programs to address the constantly changing risk and technology landscape. Our solutions can be used by our clients to build confidence and trust with their customers the overall market and when required by regulation orcontract.

Your key responsibilities

You will operate as a team leader for engagements to help our clients develop and strengthen their IT risk and compliance programs. You will work directly with clients to review their IT processes and controls remediate and implement controls onboard new tools and services into risk and compliance frameworks and assist with the readiness and adherence for new compliance regulations. Your responsibilities include both in-person and remote oversight and coaching of engagement team members reporting to both senior engagement team members and client leadership as well as partnering with our key client contacts to complete the engagement work.

What Youll Do

• Designing and implementing solutions to various data related technical/compliance challenges such as DevSecOps data strategy data governance data risks & relevant controls data testing data architecture data platforms data solution implementation data quality and data security to manage and mitigate risk.
• Leveraging data analytics tools/software to build robust and scalable solutions through data analysis and data visualizations using SQL Python and visualization tools
• Design and implement comprehensive data analytics strategies to support business decision-making.
• Collect clean and interpret large datasets from multiple sources ensuring completeness accuracy and integrity of data.
• Integrating and/or piloting next-generation technologies such as cloud platforms machine learning and Generative AI (GenAI)
• Developing custom scripts and algorithms to automate data processing and analysis to generate insights
• Applying business / domain knowledge including regulatory requirements and industry standards to solve complex data related challenges
• Analyzing data to uncover trends and generate insights that can inform business decisions
• Build and maintain relationships across Engineering Product Operations Internal Audit external audit and other external stakeholders to drive effective financial risk management.
• Work with DevSecOps Security Assurance Engineering and Product teams to improve efficiency of control environments and provide risk management through implementation of automation and process improvement
• Bridge gaps between IT controls and business controls including ITGCs and automated business controls. Work with IA to ensure complete control environment is managed
• Work with emerging products to understand risk profile and ensure an appropriate control environment is established
• Implement new process and controls in response to changes to the business environment such as new product introduction changes in accounting standards internal process changes or reorganization.

What Youll Need

• Experience in data architecture data management data engineering data science or data analytics
• Experience in building analytical queries and dashboards using SQL noSQL Python etc.
• Proficient in SQL and quantitative analysis you can deep dive into large amounts of data draw meaningful insights dissect business issues and draw actionable conclusions
• Knowledge of tools in the following areas:
  • Scripting and Programming (e.g. Python SQL R Java Scala etc.)
  • Big Data Tools (e.g. Hadoop Hive Pig Impala Mahout etc.)
  • Data Management (e.g. Informatica Collibra SAP Oracle IBM etc.)
  • Predictive Analytics (e.g. Python IBM SPSS SAS Enterprise Miner RPL Matl etc.)
  • Data Visualization (e.g. Tableau PowerBI TIBCO-Spotfire CliqView SPSS etc.)
  • Data Mining (e.g. Microsoft SQL Server etc.)
  • Cloud Platforms (e.g. AWS Azure or Google Cloud)
• Ability to analyze complex processes to identify potential financial operational systems and compliance risks across major finance cycles
• Ability to assist management with the integration of security practices in the product development lifecycle (DevSecOps)
• Experience with homegrown applications in a microservices/dev-ops environment
• Experience with identifying potential security risks in platform environments and developing strategies to mitigate them
• Experience with SOX readiness assessments and control implementation
• Knowledge of DevOps practices CI/CD pipelines code management and automation tools (e.g. Jenkins Git Phab Artifactory SonarQube Selenium Fortify Acunetix Prisma Cloud)

Preferred:

• Experience in:
  • Managing technical data projects
  • Leveraging data analytics tools/software to develop solutions and scripts
  • Developing statistical model tools and techniques
  • Developing and executing data governance frameworks or operating models
  • Identifying data risks and designing and/or implementing appropriate controls
  • Implementation of data quality process
  • Developing data services and solutions in a cloud environment
  • Designing data architecture
  • Analyzing complex data sets & communicating findings effectively
• Process management experience including process redesign and optimization
• Experience in scripting languages (e.g. Python Bash)
• Experience in cloud platforms (e.g. AWS Azure GCP) and securing cloud-based applications/services

To qualify for theroleyou must have

• A bachelors or masters degree
• A minimum of 3 years of experience working as an IT risk consultant or data analytics experience.
• Bring your experience in applying relevant technical knowledge in at least one of the following engagements: (a) risk consulting (b) financial statement audits; (c) internal or operational audits (d) IT compliance; and/or (e) Service Organization Controls Reporting engagements.
• We would expect for you to be available to travel outside of their assigned office location at least 50% of the time plus commute within the region (where public transportation often is not available). Successful candidates must workin excess of standard hours when necessary. A valid passport is required.

Ideally youll also have

• A bachelors or masters degree in business computer science information systems informatics computer engineering accounting or a related discipline
• CISA CISSP CISM CPA or CA certification is desired; non-certified hires are required to become certified to be eligible for promotion to Manager.

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.