Associate Consultant-business Consulting Risk-nat-cns-risk-regulatory jobs at Ey in India, Hyderabad

Technology Consulting

Senior Manager I, Technical Risk Assurance

Client Technology (CT) -identify new technology-based opportunities faster and pursue those opportunities more rapidly.

Enterprise Workplace Technology (EWT) –

Information Security (Info Sec) -

Your key responsibilities

• Lead and manage a team responsible for security risk assessments, vulnerability management and IT security governance.

• Develop and implement security strategies to prevent unauthorized access, data breaches and cyber threats, ensuring compliance with industry standards.

• Oversee security assessments to evaluate the adequacy of existing security controls, identify vulnerabilities and recommend corrective actions.

• Collaborate with IT, business units and third-party partners to assess the impact of technology implementations on security and operations.

• Define best practices for risk assessments, security policies and technical security solutions, ensuring integration with enterprise security frameworks.

• Monitor and analyze system access logs, network activity and security incidents, leading investigations into potential or actual security violations.

• Oversee security evaluations for technical acquisitions, infrastructure and development processes to ensure compliance with security standards.

• Manage vendor relationships and third-party security assessments, ensuring alignment with organizational security requirements.

• Validate security plans, risk assessments and mitigation strategies, ensuring effectiveness in protecting critical systems and data.

• Provide leadership in cybersecurity strategy and industry best practices, staying ahead of emerging security threats and regulatory requirements.

• Hire, develop, and mentor security teams, setting performance standards and ensuring continuous skill development.

• Support business continuity and disaster recovery efforts, ensuring robust security measures for system resilience.

• Participate in special projects and contribute to continuous improvement initiatives in cybersecurity risk management

Skills and attributes for success

• A team player with strong analytical, communication and interpersonal skills

• Constantly updating yourself about new technologies in the market

• A winning personality and the ability to become a trusted advisor to the stakeholders

To qualify for the role, you must have

• Minimum 10 years of related work experience, preferably in IT security or application development, with supervisory experience preferred.

• Undergraduate degree in Information Security, Computer Science, Information Technology, or a related field (or equivalent combination of training and experience).

• Expertise in secure coding, threat modeling, vulnerability assessments, penetration testing, and application architecture review.

• Strong knowledge of DevSecOps practices, OWASP standards, compliance frameworks and risk management.

• Experience with secure software development, cloud security (AWS, Azure, GCP), and integrating security tools in CI/CD pipelines.

• Proficiency in vendor risk assessments, third-party security reviews, and regulatory compliance (SOX, GDPR, HIPAA).

• Strong leadership, team management, and mentoring abilities, with experience working cross-functionally and influencing security priorities.

• Excellent strategic thinking, decision-making, and conflict-resolution skills, with a results-oriented mindset.

• Ability to communicate security risks effectively to stakeholders and foster collaboration between IT, business units, and leadership.

• Preferred Certifications: Certified Information Systems Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), GIAC Penetration Tester (GPEN), GIAC Web App Pen Tester (GWPN), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), AWS Certified DevOps Engineer, or equivalent

Ideally, you’ll also have

• Strong verbal and written communication, facilitation, relationship-building, presentation and negotiation skills.

• Be highly flexible, adaptable, and creative.

• Comfortable interacting with senior executives (within the firm and at the client)

What we look for

• Strong teamwork, work ethic, product mindset, client centricity and a relentless commitment to EY values.

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around

• Opportunities to develop new skills and progress your career

• The freedom and flexibility to handle your role in a way that’s right for you

can be requiredto travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build aetter working world. That starts with a culture that believes in giving you the training, opportunities andfreedom to make things better.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark.

Apply now.

Technology Consulting

Specialist III, Third Party Technical Risk Assessment Analyst

Client Technology (CT) -identify new technology-based opportunities faster and pursue those opportunities more rapidly.

Enterprise Workplace Technology (EWT) –

Information Security (Info Sec) -

Your key responsibilities

• Lead and coordinate security initiatives to safeguard IT infrastructure, data and applications from cyber threats and unauthorized access.

• Conduct risk assessments and security audits, identifying vulnerabilities and recommending mitigation strategies to enhance security controls.

• Evaluate third-party applications, technologies and technical acquisitions to ensure they meet internal security standards and compliance requirements.

• Design, implement, and test secure operating systems, networks and databases, ensuring the integrity of organizational IT infrastructure.

• Monitor and analyze system access logs to detect unauthorized access attempts, anomalies, or potential security breaches.

• Recommend and implement security process improvements related to third-party assessments, application security and risk mitigation strategies.

• Perform vulnerability scans, penetration testing and intrusion detection analysis to proactively identify and resolve security threats.

• Plan and oversee security measures for system backups and disaster recovery, ensuring business continuity and data protection.

• Collaborate with key stakeholders, including IT, compliance and leadership teams, to align security strategies with business objectives.

• Stay updated on emerging security threats, technologies and regulatory requirements, driving continuous improvement in security frameworks.

• Participate in special projects and support security-related initiatives, ensuring adherence to industry best practices and organizational security policies.

Skills and attributes for success

• A team player with strong analytical, communication and interpersonal skills

• Constantly updating yourself about new technologies in the market

• A winning personality and the ability to become a trusted advisor to the stakeholders

To qualify for the role, you must have

• Minimum 8 years of relevant work experience, including at least 5 years in application development and IT security.

• Bachelor’s degree (B.E./B.Tech) in Computer Science or IT(or equivalent combination of training and experience) or Bachelor’s in Computer Applications (BCA) from a recognized institution. MBA degree preferred

• Expertise in vendor risk assessment frameworks, third-party security reviews, and compliance standards such as SOC 2, ISO 27001, NIST, and COBIT.

• Experience with risk scoring methodologies, contract reviews, and regulatory compliance requirements.

• Familiarity with security tools such as Archer and ServiceNow for risk and compliance management.

• Strong knowledge of vulnerability assessments, penetration testing, and security auditing to identify and mitigate risks.

• Understanding of secure application development, encryption, authentication, and access control best practices.

• Proficiency in cloud security (AWS, Azure, GCP), network security, and endpoint protection.

• Strong analytical, critical-thinking, and technical writing skills to document findings, perform security assessments, and communicate risk mitigation strategies.

• Excellent interpersonal and communication abilities to collaborate with vendors, stakeholders, and IT teams.

• Certification requirements: Ability to obtain Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)

Ideally, you’ll also have

• Strong verbal and written communication, facilitation, relationship-building, presentation and negotiation skills.

• Be highly flexible, adaptable, and creative.

• Comfortable interacting with senior executives (within the firm and at the client)

What we look for

• Strong teamwork, work ethic, product mindset, client centricity and a relentless commitment to EY values.

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around

• Opportunities to develop new skills and progress your career

• The freedom and flexibility to handle your role in a way that’s right for you

can be requiredto travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build aetter working world. That starts with a culture that believes in giving you the training, opportunities andfreedom to make things better.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark.

Apply now.

Technology Consulting

Specialist III, Cloud Security Engineer

Client Technology (CT) -identify new technology-based opportunities faster and pursue those opportunities more rapidly.

Enterprise Workplace Technology (EWT) –

Information Security (Info Sec) -

Your key responsibilities

• Plans and implements new security technologies and major releases for the most critical enterprise-wide IT cloud platform projects. Designs, implements, and deploys cloud security systems to support and meet business needs. Identifies, recommends, and implements opportunities for improvement and performance issue solutions.

• Provides expert level technical support and ensures reliable operation of cloud production. Diagnoses and troubleshoots the most complex security issues for cloud computing systems. Contributes to the implementation of leading security technologies in infrastructure to improve its overall performance. Maintains comprehensive technical knowledge of software and infrastructure platforms.

• Develops auditing methodologies and architecture to manage and protect data in cloud computing environments.

• Elevates code into the development, test, and production environments on schedule. Provides follow up production support. Submits change control requests and documents.

• Learns and understands client area business functions and requirements. Determines the appropriate technical tool to address the client's business needs.

• Trains and mentors more junior staff on processes and technologies. Troubleshoots and resolves the most complex issues elevated from staff. Provides guidance and consultation as required. Updates, writes, and maintains documentation for the department.

• Administers system activities. Writes the technical portion of assigned deliverables. Performs systems analysis, including system requirements analysis and definition, and logical design.

• Participates in special projects and performs other duties as assigned.

• Implement and oversee proactive security measures to prevent cyber threats, including hacking, data breaches, and unauthorized access to organizational systems and intellectual property.

• Conduct regular security assessments such as risk audits, password and vulnerability scans, and recommend enhancements to system design, infrastructure, and application security.

• Monitor access logs and intrusion detection systems continuously, and establish secure backup and disaster recovery protocols to ensure business continuity and rapid incident response.

Skills and attributes for success

• A team player with strong analytical, communication and interpersonal skills

• Constantly updating yourself about new technologies in the market

• A winning personality and the ability to become a trusted advisor to the stakeholders

To qualify for the role, you must have

• Minimum 8 years of related work experience in cloud security engineering and related feild.

• Bachelor’s degree (B.E./B.Tech) in Computer Science or IT, or Bachelor’s in Computer Applications (BCA), or Master’s in Computer Applications (MCA).

• Strong experience in designing and implementing cloud security solutions for enterprise-wide platforms.

• Expertise in cloud security frameworks, compliance standards (e.g., NIST, ISO 27001, CIS), and regulatory requirements.

• Hands-on experience with cloud security tools, identity and access management (IAM), and encryption methodologies.

• Proficiency in troubleshooting and mitigating complex security threats within cloud environments.

• Strong problem-solving, analytical and communication skills to collaborate with IT and business stakeholders.

Ideally, you’ll also have

• Strong verbal and written communication, facilitation, relationship-building, presentation and negotiation skills.

• Be highly flexible, adaptable, and creative.

• Comfortable interacting with senior executives (within the firm and at the client)

What we look for

• Strong teamwork, work ethic, product mindset, client centricity and a relentless commitment to EY values.

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around

• Opportunities to develop new skills and progress your career

• The freedom and flexibility to handle your role in a way that’s right for you

can be requiredto travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build aetter working world. That starts with a culture that believes in giving you the training, opportunities andfreedom to make things better.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark.

Apply now.