EY
Risk Consulting - Cybersecurity Manager - Multiple Cities
EY, Providence, Rhode Island, us, 02912
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
**The opportunity **
The objective of our Consulting risk services is to provide clients with a candid and reliable overview of their risk landscape.
Our solutions can be used by our clients to build confidence and trust with their customers, the overall market and when required by regulation or contract.
For our Cyber Risk services, the ideal candidate will be responsible for identifying, evaluating, and managing cyber risks across the organization. This role involves working closely with IT, security teams, and business units to ensure that our cyber risk posture is aligned with our business objectives and regulatory requirements..
**Your key responsibilities **
You will be responsible for managing multiple client engagement teams at an executive level within the practice and the firm. You can expect to work with high level client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and will assist clients and other Risk Assurance professionals in performing information technology control and security engagements.
Skills and attributes for success
Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement.
Brief the engagement team on the client's IT environment and industry IT trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations.
Bring and utilize extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services.
Understand EY and its service lines and actively assess what the firm can deliver to serve clients.
Conduct comprehensive cyber risk assessments to identify vulnerabilities, threats, and potential impacts to the organization.
Develop and implement risk mitigation strategies and controls to protect against cyber threats.
Collaborate with IT and security teams to ensure that cybersecurity policies and procedures are up-to-date and effectively implemented.
Monitor the cyber threat landscape and provide timely intelligence to relevant stakeholders.
Facilitate risk management discussions with business leaders to ensure they understand their cyber risk exposure.
Oversee the cyber risk management lifecycle, including risk identification, analysis, response, and monitoring.
Coordinate with external partners, such as insurance providers and cybersecurity firms, to manage and transfer cyber risks where appropriate.
Prepare and present risk reports and dashboards to senior management and the board of directors.
Ensure compliance with relevant laws, regulations, and industry standards related to cybersecurity and data protection.
Conduct training and awareness programs to promote a culture of cybersecurity across the organization.
To qualify for the role, you must have
A minimum of 5 years of experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within industry
Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field.
Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
Minimum of 2 years of experience in cybersecurity, risk management, or a related role.
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements.
Proven experience in risk assessment methodologies and tools.
Excellent analytical and problem-solving skills.
Strong communication and interpersonal skills, with the ability to convey complex information to non-technical stakeholders.
Ability to work independently and as part of a team in a fast-paced environment
We would expect for you to be available to travel outside of their assigned office location at least 50% of the time, plus commute within the region (where public transportation often is not available). Successful candidates must work in excess of standard hours when necessary. A valid passport is required.
Ideally, you’ll also have
A bachelor's or master's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certification is desired; If you are non-certified, you are required to become certified within 1 year from your date of hire.
Additional cloud-based certifications to credentialize but do not currently meet the rigor of the certification requirement above:
CCSP – Certified Cloud Security Professional
CCSK – Certificate of Cloud Security Knowledge
CCAK – Certificate of Cloud Auditing Knowledge
Microsoft Certified: Azure Fundamentals
AWS Certified Cloud Practitioner
Google Cloud Digital Leader
**What we look for **
We’re looking for passionate leaders with strong vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.
What we offer
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The salary range for this job in most geographic locations in the US is $110,500 to $202,700. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $132,700 to $230,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Continuous learning:
You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you:
We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership:
We’ll give you the insights, coaching and confidence to be the leader the world needs.
Diverse and inclusive culture:
You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
EY accepts applications for this position on an on-going basis.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
For those living in California, please click here for additional information.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
**The opportunity **
The objective of our Consulting risk services is to provide clients with a candid and reliable overview of their risk landscape.
Our solutions can be used by our clients to build confidence and trust with their customers, the overall market and when required by regulation or contract.
For our Cyber Risk services, the ideal candidate will be responsible for identifying, evaluating, and managing cyber risks across the organization. This role involves working closely with IT, security teams, and business units to ensure that our cyber risk posture is aligned with our business objectives and regulatory requirements..
**Your key responsibilities **
You will be responsible for managing multiple client engagement teams at an executive level within the practice and the firm. You can expect to work with high level client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and will assist clients and other Risk Assurance professionals in performing information technology control and security engagements.
Skills and attributes for success
Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement.
Brief the engagement team on the client's IT environment and industry IT trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations.
Bring and utilize extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services.
Understand EY and its service lines and actively assess what the firm can deliver to serve clients.
Conduct comprehensive cyber risk assessments to identify vulnerabilities, threats, and potential impacts to the organization.
Develop and implement risk mitigation strategies and controls to protect against cyber threats.
Collaborate with IT and security teams to ensure that cybersecurity policies and procedures are up-to-date and effectively implemented.
Monitor the cyber threat landscape and provide timely intelligence to relevant stakeholders.
Facilitate risk management discussions with business leaders to ensure they understand their cyber risk exposure.
Oversee the cyber risk management lifecycle, including risk identification, analysis, response, and monitoring.
Coordinate with external partners, such as insurance providers and cybersecurity firms, to manage and transfer cyber risks where appropriate.
Prepare and present risk reports and dashboards to senior management and the board of directors.
Ensure compliance with relevant laws, regulations, and industry standards related to cybersecurity and data protection.
Conduct training and awareness programs to promote a culture of cybersecurity across the organization.
To qualify for the role, you must have
A minimum of 5 years of experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within industry
Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field.
Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
Minimum of 2 years of experience in cybersecurity, risk management, or a related role.
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements.
Proven experience in risk assessment methodologies and tools.
Excellent analytical and problem-solving skills.
Strong communication and interpersonal skills, with the ability to convey complex information to non-technical stakeholders.
Ability to work independently and as part of a team in a fast-paced environment
We would expect for you to be available to travel outside of their assigned office location at least 50% of the time, plus commute within the region (where public transportation often is not available). Successful candidates must work in excess of standard hours when necessary. A valid passport is required.
Ideally, you’ll also have
A bachelor's or master's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certification is desired; If you are non-certified, you are required to become certified within 1 year from your date of hire.
Additional cloud-based certifications to credentialize but do not currently meet the rigor of the certification requirement above:
CCSP – Certified Cloud Security Professional
CCSK – Certificate of Cloud Security Knowledge
CCAK – Certificate of Cloud Auditing Knowledge
Microsoft Certified: Azure Fundamentals
AWS Certified Cloud Practitioner
Google Cloud Digital Leader
**What we look for **
We’re looking for passionate leaders with strong vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.
What we offer
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The salary range for this job in most geographic locations in the US is $110,500 to $202,700. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $132,700 to $230,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Continuous learning:
You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you:
We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership:
We’ll give you the insights, coaching and confidence to be the leader the world needs.
Diverse and inclusive culture:
You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
EY accepts applications for this position on an on-going basis.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
For those living in California, please click here for additional information.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com