Tech Risk-Manager

Job Description

As a Manager in the EY- Technology Risk team, you will play a crucial role in contributing technically to IT Risk and Assurance client engagements and internal projects. Your responsibilities will include evaluating a portfolio of controls for design effectiveness, operating effectiveness, and risk management outcomes. Additionally, you will be responsible for ensuring the accuracy and effectiveness of assigned control assessments, managing control owners and stakeholders, applying risk management concepts to identify findings, and providing valuable insights to clients. Your role will also involve reviewing IT Policies and Standards, staying current with regulatory standards, and working closely with cross-functional teams within IT security and GRC projects.Key Responsibilities:- Evaluate a portfolio of controls for design effectiveness, operating effectiveness, and risk management outcomes- Ensure accuracy, effectiveness, and timely delivery of assigned control assessments- Test and supervise the delivery of various controls including ITGC, ITAC, System Architecture, Operating Systems, Databases, Networks, Security Systems, and more- Manage control owners and stakeholders, ensuring the success of each review- Apply judgement and risk management concepts to identify findings and provide valuable insights to clients- Review IT Policies and Standards and ensure compliance with industry standards- Stay current with regulatory standards and industry best practices- Familiarity with control frameworks such as COSO, internal control principles, and related regulationsSkills And Attributes For Success:- Provide guidance and share knowledge with team members- Experience in conducting information security assessments- Maintain relationships with client management- Utilize extensive knowledge of the clients business/industry- Understand EY and its service lines- Experience in project management and technology/tools utilizationQualifications Required:- Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 7 years of experience- Significant experience in applying relevant technical knowledge in ISO assessments, NIST assessments, Data privacy audits, Network and Infrastructure audits, Cyber Maturity Assessment, IT Policies and Standards Assessment, IAM and IT Asset Management, IT Health CheckIdeally, youll also have:- Robust understanding of program and project management practices- Familiarity with a typical IT systems development life cycleIn conclusion, working at EY offers you opportunities to be part of a globally connected powerhouse, work on inspiring projects, and receive support, coaching, and feedback from engaging colleagues. You will have the freedom and flexibility to handle your role in a way that suits you best and opportunities to develop new skills and progress in your career. Join EY in building a better working world by creating new value for clients, society, and the planet while shaping the future with confidence. As a Manager in the EY- Technology Risk team, you will play a crucial role in contributing technically to IT Risk and Assurance client engagements and internal projects. Your responsibilities will include evaluating a portfolio of controls for design effectiveness, operating effectiveness, and risk management outcomes. Additionally, you will be responsible for ensuring the accuracy and effectiveness of assigned control assessments, managing control owners and stakeholders, applying risk management concepts to identify findings, and providing valuable insights to clients. Your role will also involve reviewing IT Policies and Standards, staying current with regulatory standards, and working closely with cross-functional teams within IT security and GRC projects.Key Responsibilities:- Evaluate a portfolio of controls for design effectiveness, operating effectiveness, and risk management outcomes- Ensure accuracy, effectiveness, and timely delivery of assigned control assessments- Test and supervise the delivery of various controls including ITGC, ITAC, System Architecture, Operating Systems, Databases, Networks, Security Systems, and more- Manage control owners and stakeholders, ensuring the success of each review- Apply judgement and risk management concepts to identify findings and provide valuable insights to clients- Review IT Policies and Standards and ensure compliance with industry standards- Stay current with regulatory standards and industry best practices- Familiarity with control frameworks such as COSO, internal control principles, and related regulationsSkills And Attributes For Success:- Provide guidance and share knowledge with team members- Experience in conducting information security assessments- Maintain relationships with client management- Utilize extensive knowledge of the clients business/industry- Understand EY and its service lines- Experience in project management and technology/too

Keyskills :
NISTCOSOSOXHIPAAProject ManagementIT RiskAssuranceISO27001Privacy AssessmentCyber Maturity AssessmentIT PoliciesStandards AssessmentSoftware Development Lifecycle SDLCPCIDSSFDASSAE16SysTrustWebTrustInformation Security AssessmentsBusine