Logo
EY

FSO, Digital Risk - IT Risk Reduction Manager

EY, San Francisco, California, United States, 94199


At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

The exceptional EY experience. It's yours to build.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

This position could be located in NY, IL, NC, CA.

EY is a leader in serving the global financial services marketplace and the only professional services firm with a separate business unit dedicated to the financial services industry – the Financial Services Organization (FSO). Our focused model and bold ambition have put us at the center of the events that continue to reshape and redefine our industry, working side by side with a range of clients from our most venerable institutions to dynamic new entrants across Banking and Capital Markets, Wealth and Asset Management, Insurance, and Real Estate, Hospitality and Construction. Our purpose is to help build a financial services industry in which financial institutions are trusted and flourish, and the global economy is healthy, growing and secure. If you have a passion for rallying together to solve complex challenges, then come join our dynamic FSO team!

The opportunity

Our Integrated Digital Risk, a competency within the FSO Cyber and Technology Risk practice, provides financial services clients with an innovative and comprehensive approach for managing cyber and technology risks across their organizations. With the ever-increasing risks for conducting business in a globally connected economy, and rapid evolution of related threats, companies are turning to EY to understand, assess, and prioritize risks, as well as the related actions. EY has been recognized by multiple organizations as a leader in the cybersecurity space. In addition, our clients look to EY to help them transform their cyber programs, while driving business performance. Our team works collaboratively across the various FSO competencies and the EY global network to provide comprehensive and insightful services to our clients. Our Cyber Risk team competencies include cyber risk management; cyber strategy and transformation; cloud, digital and emerging technologies; cyber risk management; cyber regulatory risk and compliance; cyber controls; audit and assurance; cyber resiliency and incident response and data privacy and data protection.

Your key responsibilities

On a typical day, you will work with your engagement team and the client to execute engagements which help the client to measure the effectiveness of its cybersecurity and privacy programs, assess the cybersecurity risk of a client; evaluate the maturity of a security program and perform benchmarking against its peers, advise on cybersecurity reference architecture leading practices, test the effectiveness of cyber controls, assist the client with complying with the various cyber regulations, and help implement new cyber control processes and tools to perform more effective cyber risk management. You will be primarily responsible for managing engagement teams and overseeing the execution of engagement procedures and delivery of work products. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships, in order to identify potential business opportunities for EY. We will look to you to stay abreast of current cyber regulations and industry practices, as well as display teamwork, integrity and leadership to support and value your team’s contributions, which fosters innovation.

Skills and attributes for success

You will be expected to demonstrate in-depth technical capabilities, financial services industry knowledge and professional knowledge, establish relationships with client personnel, and possess good business acumen. Teaming and working with client personnel to analyze, evaluate and enhance their cybersecurity programs and related processes will be critical for success. As a manager, you will be expected to:

Possess an in-depth understanding of general security concepts and methods, such as cyber strategy and transformation, cyber risk management, cybersecurity architecture, operations and monitoring, infrastructure and application security, cyber threat management, cloud security, emerging technologies (robotics, blockchain, IoT, etc.) security, cyber regulatory compliance and controls, cyber resiliency and business continuity, incident response and crisis management, data protection and privacy, and third-party risk management

Leverage knowledge of the current cyber and technology topics in the financial services industry to interface with client stakeholders and subject-matter experts, identify the engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations

Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of work products and services

Collaborate with other members of the engagement team to plan the engagement and develop work programs and execution enablers, including approach, tasks, timelines, and budgets

Drive high-quality work products within expected timeframes and on budget

Monitor engagement progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes

Manage engagement team members, providing guidance and coaching

To qualify for the role, you must have

Bachelor’s degree in business, accounting, finance, computer science, information systems, management or a related discipline and 5 + years of associated work experience.

Minimum of 3+ years of experience working as a cyber security practitioner and/or cyber risk practitioner for a public accounting firm, a professional services firm or financial services company, or comparable experience as an advisor to a financial services company

Experience with at least three of the following types of work related to cybersecurity risk: (a) cyber strategy, transformation and architecture, (b) cyber risk management, (c) cyber compliance, regulations and standards, (d) cyber resiliency and/or (e) cyber controls, assessments and audit

Working knowledge of industry standards (ISO 27001, NIST 800, NIST CSF, FFIEC, SANS, CSA, PCI-DSS) and regulations (OCC, FRB, FDIC, GLBA, NY-DFS, SEC, NFA, MAS, GDPR)

Working knowledge of cybersecurity technologies, such as infrastructure security, threat and vulnerability management, application security, cloud security, cyber governance, risk and compliance and cyber resiliency

Familiarization with financial services industry groups, such as FS-ISAC, SIFMA, NAIC, AIMA and FSR/BITS

Ability to examine issues both strategically and analytically

Experience in client service delivery and ability to manage multiple concurrent engagement teams and projects

We would expect for you to be available to travel outside of your assigned office location at least 80% of the time. Successful candidates must work in excess of standard hours when necessary. A valid passport is required.

Related professional certifications such as CISSP, CISM, CRISC, and/or CISA certification

Ideally, you’ll also have

Master’s degree in information systems, computer science, business, accounting, finance or a related discipline

Excellent leadership, teamwork and client service skills

Strong written and verbal communication skills and presentation skills

What we look for

We are looking for passionate leaders with strong vision and a desire to stay on top of trends in the financial services industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.

What Working at EY Offers

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Plus, we offer:

Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to “to help clients better their organizations. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Join us in building a better working world. Apply now.

What we offer

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $107,000 to $196,100. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $128,400 to $222,900. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY accepts applications for this position on an on-going basis. If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

For those living in California, please click here for additional information.

EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.

EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com