Cybersecurity Risk Manager

Cybersecurity Risk Manager

Location: Katowice - 2 days office / 3 days remote

Let us introduce you the job offer by EY GDS Poland a member of the global integrated service delivery center network by EY.

The opportunity

As a Manager within our Cybersecurity Risk Compliance & Resilience (CRCR) competency you will play a pivotal role in assisting EY clients in evaluating the effectiveness and efficiency of their cybersecurity and resiliency programs. Your focus will be on aligning these programs with business growth and operational addition to conducting compliance and control evaluations you will be instrumental in developing and implementing risk management strategies and business continuity plans ensuring organizations are well-prepared to respond effectively to incidents and disruptions. You will identify deficiencies and provide actionable recommendations and guidelines to enhance cyber resilience. This role is not solely about overseeing others you will be expected to bring your hands-on experience to the forefront directly contributing to project delivery and execution while also managing and coordinating efforts as needed.

Your key responsibilities

• Evaluate and assess the effectiveness of clients cybersecurity and resiliency programs.
• Develop and implement risk management strategies and business continuity plans.
• Conduct compliance and control evaluations ensuring adherence to regulations and standards such as ISO 27001 and NIST.
• Perform audits or reviews of Information Security Management Systems (ISMS) and IT general controls.
• Manage Third Party Risk Management (TPRM) processes.
• Provide domain knowledge in cybersecurity including governance IT infrastructure security and risk management.
• Actively participate in hands-on project delivery ensuring technical and operational tasks are completed with high quality and aligned to client expectations.
• Collaborate with engagement team members fostering teamwork and responsibility.
• Set up governance frameworks for cybersecurity services ensuring alignment with organizational objectives.
• Develop and monitor Key Performance Indicators (KPIs) to measure the effectiveness of cybersecurity services.
• Oversee service delivery processes ensuring high-quality service and client satisfaction.
• Work on offer preparation acting as a Service Delivery Manager (SDM) for key cyber project portfolios discussing client needs preparing proposals and actively pursuing and securing project engagements.
• Balance direct hands-on involvement with team coordination ensuring seamless execution of both technical tasks and broader project objectives.

Skills and attributes for success

Minimum 5 years of experience in the field of Information Security and/or Information Technology with minimum two years of them focusing on Information security field with expertise including but not limited to-below areas:

• Assuring the conformity to regulations norms and standards such as ISO27001 NIST or any other ISMS governance systems
• IT Controls such as IT General Controls (ITGC) IT Application Controls (ITAC) or any other
• Implementation of the risk management plans and business continuity program assessments
• Performing audits or reviews of ISMS systems and/or IT general controls
• Experience in Third Party Risk Management (TPRM)

• Domain knowledge in Cybersecurity including governance IT infrastructure security and risk management cyber program assessments including cyber transformation and enterprise resilience.
• Demonstrated hands-on experience in cybersecurity with a proven track record of executing technical work not just overseeing teams.
• Demonstrate excellent interpersonal skills inspire teamwork and responsibility with engagement team members
• Strong analytical and problem-solving abilities with a keen eye for detail.
• Excellent interpersonal skills with the ability to inspire teamwork and collaboration.

Strong project management skills including:

• Project planning and resource management ensuring alignment with client and organizational objectives
• Budgeting and work estimation (e.g. man-days estimation resource allocation)
• Effective stakeholder communication ensuring alignment of expectations and facilitating decision-making
• Experience in establishing governance frameworks and developing KPIs for service delivery.

To qualify for the role you must have

• Excellent command of the English language; other languages would be an asset.
• Analytical and problem-solving abilities observant with an eye for detail.
• Ability to liaise with stakeholders and manage multiple priorities effectively.
• Proven experience in both hands-on technical work and project leadership/coordinating responsibilities.

Ideally youll also have

• Knowledge about Digital Operational Resilience Act (DORA) NIS2 directive EU Cybersecurity Act EU AI Act and/or other relevant EU regulations.
• Practical knowledge of GRC system such RSA Archer SAP GRC OneTrust ServiceNow GRC

What we look for

We seek candidates with a minimum of 5 years of experience in Information Security and Information Technology including at least 2 years focused specifically on cybersecurity. The ideal candidate will have expertise in regulatory compliance risk management and business continuity planning with a proven track record of executing technical work alongside managing teams. Strong analytical and problem-solving skills are essential as well as the ability to effectively communicate with stakeholders and manage multiple priorities. Familiarity with relevant regulations such as ISO 27001 NIST and emerging EU directives like DORA and NIS2 will be advantageous. Additionally hands-on experience with GRC systems such as RSA Archer or ServiceNow GRC will further enhance a candidates profile.

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across nine locations Argentina Hungary India the Philippines Poland Sri Lanka Mexico Spain and the United Kingdom and with teams from all EY service lines geographies and sectors playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants we offer a wide variety of fulfilling career opportunities that span all business GDS you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. Well introduce you to an ever-expanding ecosystem of people learning skills and insights that will stay with you throughout your career.

• Continuous learning: Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership: Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:Youll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

The exceptional EY experience. Its yours to build.

In compliance with the requirements of the Whistleblower Protection Act our company has established the Procedure for reporting breaches of law and undertaking appropriate follow-up actions. Any misconduct should be reported through the EY Ethics Hotline.