EMEIA Technology Risk Leader for EY in London, England (salary £52K - £67K)

May 27, 2021

This position is looking for:

  • A working knowledge of policy frameworks such as ISO, COBIT and unified compliance framework
  • Ability to understand and integrate cultural differences and motives and to lead cross cultural teams.
  • An ability to utilize core risk and controls skills in a broad range of projects both in a traditional internal audit and in advisory projects aimed at assisting in the implementation of controls / improvements.
  • Professional; quickly establishes personal credibility and demonstrates expertise.
  • 10 or more years of experience in the Information Technology, Information Security and/or IT Risk Management field(s).
  • 5+ years of experience in managing senior staff/management staff in Governance, Risk, and Compliance
  • An advanced degree in Computer Science, Information Security or a related discipline, or equivalent work experience.
  • One or more of the following or equivalent certifications preferred: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT


  • Experience in IT Risk Management and/or Information Security disciplines
  • Experience in communicating to all levels of management, clients and vendors
  • A working knowledge of policy frameworks such as ISO, COBIT and unified compliance framework
  • Ability to appropriately balance internal functional needs with business impact and benefit
  • Skilled in executive level presentations and briefings
  • Solid knowledge and working experience in governance, risk and compliance as applies to technology
  • Proactively maintains a comprehensive knowledge of the core business and financial drivers of EY’s service lines as well as the operating environment within IT. Works with peers and others in service specific IT groups to support the proper recognition of risk issues or to proactively position risk mitigation and other service improvement opportunities or to engage with others in the area of continuous improvement.
  • Good appreciation of the business benefits of internal control and good risk management and not just for compliance purposes (i.e., not limited to SOX, PCI or other regulatory mainstay drivers).

For more information, go to: