Client Technology IT Risk Manager, EY (Salary Not Disclosed)

November 5, 2019

The opportunity
The role of the Client Technology (CT) IT Risk Manager is to enable the conduct of business, through proactive identification, assessment, and mitigation, of IT risks facing EY personnel, facilities, and operations around the globe. This individual partners with Client Technology leadership and business stakeholders to manage strategic risk to enable critical service delivery processes.

Your key responsibilities

The IT Risk Management function creates and maintains EY Technologies’ risk management framework, processes, tooling, and strategy. Our primary objectives are to enable EY Technology to build a risk-aware culture, reduce IT risk, defend against internal and external threats, and protect client and EY data.

As an Associate Director leading the CT IT Risk team, you will oversee the management of risk across CT including the engagement of firm leadership with Client Technology, the management/remediation of information and technology risks, the interface to operational and business risk activities. You will partner closely with the Global IT Risk Management leader and the ITRM Manager to execute on the vision, strategy, goals, and objectives for IT Risk Management. The primary objectives for this role are to enable CT to build a risk-aware culture, reduce IT risk, defend against internal and external threats, and protect client and EY data.

Skills and attributes for success

  • Executes on the established IT Risk Management vision for risk activities across Client Technology
  • Liaises with ET and IS risk IT risk leaders
  • Serves as a point of escalation for risk across CT
  • Exhibit industry leading risk management practices through effective internal controls, risk monitoring, and risk assessments
  • Looks for ways to continually improve our risk management processes
  • Understand the Client Technology IT risk landscape while receiving input from domain, product, and service owners on potential risks
  • Conduct risk assessments on CT technologies, products, and operations
  • Enforce the usage of a standard risk management framework for CT products and operations
  • Engage with EY Risk Management functions including: GCO, Data Protection, Enterprise Risk Management, Independence, etc. to validate CT's overall risk compliance
  • Consult on Enterprise programs to embed risk-based decision-making
  • Consult and provide direction to leaders in EY Technology on effective risk mitigation strategies
  • In partnership with the Global IT Risk Management Leader, drive adoption of industry leading risk management practices
  • Deliver risk intelligence to EY Technology leaders to enable informed decision-making

To qualify for the role you must have

  • An in-depth understanding of ISO 27002, ISO 27001, ISO 31000 frameworks and applying these frameworks
  • Familiarity with local and regional regulatory requirements and how they impact IT policies
  • Experience with RSA Archer
  • Experience managing the communication to senior leaders in relation to our risk management program

For More Info. Go To: