FSO, Digital Risk - IT Risk Reduction Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

The exceptional EY experience. It's yours to build.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

This position could be located in NY, IL, NC, CA.

EY is a leader in serving the global financial services marketplace and the only professional services firm with a separate business unit dedicated to the financial services industry – the Financial Services Organization (FSO). Our focused model and bold ambition have put us at the center of the events that continue to reshape and redefine our industry, working side by side with a range of clients from our most venerable institutions to dynamic new entrants across Banking and Capital Markets, Wealth and Asset Management, Insurance, and Real Estate, Hospitality and Construction. Our purpose is to help build a financial services industry in which financial institutions are trusted and flourish, and the global economy is healthy, growing and secure. If you have a passion for rallying together to solve complex challenges, then come join our dynamic FSO team!

The opportunity

Our Integrated Digital Risk, a competency within the FSO Cyber and Technology Risk practice, provides financial services clients with an innovative and comprehensive approach for managing cyber and technology risks across their organizations. With the ever-increasing risks for conducting business in a globally connected economy, and rapid evolution of related threats, companies are turning to EY to understand, assess, and prioritize risks, as well as the related actions. EY has been recognized by multiple organizations as a leader in the cybersecurity space. In addition, our clients look to EY to help them transform their cyber programs, while driving business performance. Our team works collaboratively across the various FSO competencies and the EY global network to provide comprehensive and insightful services to our clients. Our Cyber Risk team competencies include cyber risk management; cyber strategy and transformation; cloud, digital and emerging technologies; cyber regulatory risk and compliance; cyber controls; audit and assurance; cyber resiliency and incident response and data privacy and data protection.

Your key responsibilities

1. On a typical day, you will work with your engagement team and the client to execute engagements which help the client to measure the effectiveness of its cybersecurity and privacy programs.
2. Assess the cybersecurity risk of a client; evaluate the maturity of a security program and perform benchmarking against its peers.
3. Advise on cybersecurity reference architecture leading practices, test the effectiveness of cyber controls.
4. Assist the client with complying with the various cyber regulations.
5. Help implement new cyber control processes and tools to perform more effective cyber risk management.
6. Manage engagement teams and oversee the execution of engagement procedures and delivery of work products.
7. Establish, maintain, and strengthen internal and external relationships to identify potential business opportunities for EY.
8. Stay abreast of current cyber regulations and industry practices, display teamwork, integrity and leadership to support and value your team’s contributions.

Skills and attributes for success

You will be expected to demonstrate in-depth technical capabilities, financial services industry knowledge and professional knowledge, establish relationships with client personnel, and possess good business acumen. Teaming and working with client personnel to analyze, evaluate and enhance their cybersecurity programs and related processes will be critical for success. As a manager, you will be expected to:

1. Possess an in-depth understanding of general security concepts and methods, such as cyber strategy and transformation, cyber risk management, cybersecurity architecture, operations and monitoring, infrastructure and application security, cyber threat management, cloud security, emerging technologies (robotics, blockchain, IoT, etc.) security, cyber regulatory compliance and controls, cyber resiliency and business continuity, incident response and crisis management, data protection and privacy, and third-party risk management.
2. Leverage knowledge of the current cyber and technology topics in the financial services industry to interface with client stakeholders and subject-matter experts.
3. Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members.
4. Collaborate with other members of the engagement team to plan the engagement and develop work programs and execution enablers.
5. Drive high-quality work products within expected timeframes and on budget.
6. Monitor engagement progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
7. Manage engagement team members, providing guidance and coaching.

To qualify for the role, you must have

1. Bachelor’s degree in business, accounting, finance, computer science, information systems, management or a related discipline and 5 + years of associated work experience.
2. Minimum of 3+ years of experience working as a cyber security practitioner and/or cyber risk practitioner for a public accounting firm, a professional services firm or financial services company.
3. Experience with at least three of the following types of work related to cybersecurity risk: (a) cyber strategy, transformation and architecture, (b) cyber risk management, (c) cyber compliance, regulations and standards, (d) cyber resiliency and/or (e) cyber controls, assessments and audit.
4. Working knowledge of industry standards (ISO 27001, NIST 800, NIST CSF, FFIEC, SANS, CSA, PCI-DSS) and regulations (OCC, FRB, FDIC, GLBA, NY-DFS, SEC, NFA, MAS, GDPR).
5. Working knowledge of cybersecurity technologies, such as infrastructure security, threat and vulnerability management, application security, cloud security, cyber governance, risk and compliance and cyber resiliency.
6. Familiarization with financial services industry groups, such as FS-ISAC, SIFMA, NAIC, AIMA and FSR/BITS.
7. Ability to examine issues both strategically and analytically.
8. Experience in client service delivery and ability to manage multiple concurrent engagement teams and projects.
9. Available to travel outside of your assigned office location at least 80% of the time. A valid passport is required.
10. Related professional certifications such as CISSP, CISM, CRISC, and/or CISA certification.

Ideally, you’ll also have

1. Master’s degree in information systems, computer science, business, accounting, finance or a related discipline.
2. Excellent leadership, teamwork and client service skills.
3. Strong written and verbal communication skills and presentation skills.

What we look for

We are looking for passionate leaders with strong vision and a desire to stay on top of trends in the financial services industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.

What Working at EY Offers

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances.

Plus, we offer:

1. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
2. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
3. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
4. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to “to help clients better their organizations. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Join us in building a better working world. Apply now.

EY accepts applications for this position on an on-going basis. If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through

#J-18808-Ljbffr