In a world where risk is everywhere,organisations look to us to transform their approach to risk to turn it in to ameans to not only protect the enterprise, but create value. As a member of our Cyber Risk team, you will belong to an international networkof specialists helping our clients transform risk functions and implementtechnology solutions to provide the executive leadership with valuable insightfor decision making.
As innovators and thought leaders incyber risk, EY are embracing change through asking better questions andbuilding a better working world by providing services that are risk based and use a balanced combination ofpeople, practices and technology to position EY at the forefront of cyber. Thatmeans you’ll have the opportunity to grow, develop, learn new things – and tolead. You will team with respected and experienced professionals to workdirectly with our clients to help them identify important cybersecurity risks,manage them and improve the effectiveness and efficiency of riskmanagement.
We will support you with career-longtraining and coaching to develop your skills in cybersecutiy risk strategy, cybersecurityrisk management, risk management, technology, managed service and performanceenhancement. As EY is a global leading service provider in this space, you willbe working with the best of the best in a collaborative environment. Sowhenever you join, however long you stay, the exceptional EY experience lasts alifetime.
Your key responsibilities
This role will primarily focus on themanagement and delivery of our Third Party Risk Management Services to ourclients.
Third Party Cyber Risk Management(TPRM) – helps clients make strategicinvestments and focus on the right areas to effectively manage third-partyrisks. This service, made possible through our global delivery centers andtechnology partnerships, was designed in a flexible manner to reflectcompanies’ variable stages of readiness when it comes to managing third-partyrisk.
You could also have the opportunityto gain experience across a number of the capabilities which make up the Cyber Riskteam
Cyber Security Risk Management – helps clients tackle the many security challenges they facedaily through cybersecurity transformation
Cybersecurity Detect – assess,improve, build and operate security operations for clients.
Cybersecurity Response – helpsclients develop the organisational capability to react to foreseeable andunforeseeable security breaches
Skills and attributes for success
- Understand clients’ cultures and operations to influence important decisions on risk management programs and processes
- Leverage industry leading practice and trends to provide valuable insights to clients
- Develop risk programs and methodologies and implement technology to enable the client organisation
- Assist with cultivating and managing business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients.
- Develop and maintain long-term client relationships and networks. Develop relationships with team members across all EY practices to serve client needs.
To qualify for the role you musthave
- A bachelor’s degree in Information Systems, Accounting, Finance, Business or a related major and approximately 5-7 years of related work experience in cyber security and/or IT risk management.
- Demonstrable knowledge of principles of ERM and GRC concepts, leading security standards (e.g., ISO27001, NIST), certification reports (SOC 1, SOC 2, etc.) and control frameworks (e.g., COSO, ISO, OCEG, etc.)
- Demonstrable experience in planning, executing and reporting third-party risk assessments. Experience with current state assessment/diagnostic, design & build, enhancement and implementation of third-party risk management programs including governance & oversight, third-party inventory, risk approach and models, policies and standards, TPRM processes and technology, automation and reporting
- Knowledge and experience related to the diverse set of risks associated to third parties such as cyber and privacy risk, geopolitical risk, reputational risk, financial risk, regulatory and compliance risk, digital risk, operational risk, strategic risk and business continuity & resiliency risk
- Knowledge of any of the following industries/sectors: financial services, media & entertainment, technology & telecom, consumer products & retail, and power & utilities)
- Experience in managing a team (onshore and/or offshore) and various projects or processes to completion
- Proven solid analytical and problem solving skills; excellent writing and communication skills
- Advanced computer skills including Microsoft Office suite and other business related software systems
- A valid driver’s license in Australia and a valid passport required; willingness and ability to travel internationally
Ideally, you’ll also have
- One of these credentials: CISSP, CISA, CISM, CRISC or similar.
- Prior experience as a senior consultant or management consultant in a client serving role.
- Experience with TPRM and/or GRC tools and technologies (e.g., Archer, ServiceNow, SAP, ProcessUnity, Prevalent, etc.)
What we look for
We are interested in motivatedprofessionals with a natural ability to lead, solve complex problems, and workas part of a team. If you enjoy facing new challenges, challenging thestatus quo, and being part of a culture that encourages teaming and creativeproblem solving, this role is for you.
What working at EY offers
We offer a competitive compensationpackage where you’ll be rewarded based on your performance and recognized forthe value you bring to our business. In addition, our Total Rewards packageincludes a range of programs and benefits designed to support your physical,financial and social well-being. Plus, we offer:
- Support and coaching and feedback from some of the most engaging colleagues in the industry
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
As a global leaderin assurance, tax, transaction and advisory services, we are using the financeproducts, knowledge and systems we have developed to build a better workingworld. That starts with a culture that believes in giving you the training, opportunitiesand creative freedom to make things better. Whenever you join, however long youstay, the exceptional EY experience lasts a lifetime.
Joinus in building a better working world.
Starta conversation with us now.
The preferred applicantwill be subject to employment screening by EY or by their external third partyprovider. The preferred applicant will be subject to employment screening byErnst & Young or by their external third party provider. Regarding theseopportunities, the minimum salary for more junior positions is$70,000 including 9.5% superannuation.
© 2019 Ernst& Young Australia. All Rights Reserved. Liability limited by a schemeapproved under Professional Standards Legislation.