TC CS SRCR Risk And Compliance Management Senior

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

EY- Cyber Security (CRCR) Technology Consulting Senior:

As part of our EY-Cyber security in the Technology Consulting team youll contribute technically to Cyber Security client engagements across the globe and internal. An important part of your role will be to actively establish maintain and strengthen internal and external relationships. Similarly youll anticipate and identify risks within engagements and share any issues with senior members of the team.

The opportunity:

Were looking forSenior Security Consultant who should have deep technical understanding cyber security risk and controls concepts along with various industry standards and frameworks -Unified Compliance Framework ISO27001 NIST PCI- DSS GDPR etc.

This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service line with EYs commitment to quality youll confirm that work is of the highest quality as per EYs quality standards and is reviewed by the next-level reviewer. As an influential member of the team youll help to create a positive learning culture coach and counsel junior team members and help them to develop.

Your key responsibilities:

• Ensure the end to end delivery of Cyber Maturity Assessment engagements which involves performing security assessments for various global clients
• Assess clients current state of cyber maturity against Unified Compliance framework ISO27K NIST PCI-DSS GDPR etc. through workshops/interviews with client stakeholders and understand the clients overall cyber security posture and current state of maturity
• Conducting a risk analysis and assessment of clients provided information and document request and follow up accordingly if needed. Must be able to identify whether additional information should be obtained from the client
• Defining appropriate risk ratings/risk scoring based on the defined maturity scoring either by EY standards and/or industry standards
• Must be able to provide appropriate rationale for each rating or scoring deemed to the client and/or third party based on the assessment and interaction with key stakeholders
• Work effectively as a team member sharing responsibility providing support maintaining communication updating senior team members on progress and providing recommendation based on observations from the assessment
• Post the result of the identifying non-conformities and defined maturity scoring team member must be able to define/develop strategy and roadmap needed that will help the client reach new goals in attaining the appropriate maturity level
• Prepare final deliverables like current state observation final state recommendations maturity scoring based on the assessments performed and clients conversations that will be delivered to clients and other parties

Skills and attributes for success

• Ideal candidate for the role is someone who have experience in performing end to end security assessments identifying gaps defining future state
• Experience with global standards and frameworks like unified compliance framework ISO27K GDPR PCI DSS NIST etc.
• Must have experience in working in client facing roles interacting with the third parties assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors.
• Must be able to work as an individual contributor be able to independently work around the client by scheduling meetings collaborative interviews and coordinating with various stakeholders for follow up session
• Must be flexible and be able to operate in different work schedules depending on the time zone of the client you will be supporting

To qualify for the role you must have:

• At least 6 years of overall experience in Cybersecurity Strategy Risk Compliance and Resilience experience
• Bachelor orcollegedegree in related field or equivalent work experience
• Strong Excel and PowerPoint skills

Ideally youll also have:

• Project management skills.
• CISSP CISA CISM
• ISO 27001 Lead Auditor & Lead Implementer

What working at EY offers:

At EY were dedicated to helping our clients from startups to Fortune 500 companies and the work we do with them is as varied as they are.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus we offer:

• Support coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way thats right for you

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.