Ey-process -controls- Risk Consulting - G Manager jobs at Ey in India, Thiruvananthapuram

Working in our practice, you will have the opportunity to work with clients to provide practical risk management, internal audit solutions and gaining valuable experience in a variety of clients.

Your key responsibilities

The current role requires leading internal audit and other risk consulting engagements for Real Estate construction companies. As part of the role, the candidate is expected to:

• Responsible for leading and executing client engagements and meeting the expectations of the client and the onsite team within the MENA region.
• Ability to interact with all levels of management, including C-Suite management
• Possess in-depth sector knowledge and practical experience in at least one of the following industries: Real Estate & Construction, Airport, or Aviation.
• Have thorough knowledge and understanding of Internal Audit methodology and IIA requirements.
• Deliver / manage engagements to time, cost and high quality.
• Identify key areas of improvement in the client's business processes and add value by preparing insightful recommendations.
• Contribute to business development activities such as preparing proposals, lead identification
• Always comply with the firm’s quality and risk management policies
• Manage multiple assignments and related project teams.
• Maintain excellent rapport and proactive communication with the client
• Mentor and coach junior team members, enabling them to meet their performance goals and successfully grow their careers
• Manage the engagement budgets and support superiors in developing marketing collaterals, business proposals and new solution / methodology development

Skills and attributes for success

• Exceptional command on spoken and written English
• Globally mobile and flexible to travel to onsite locations at a short notice
• Highly analytical, organised and meticulous consulting skills
• Demonstrating and applying strong project management skills, inspiring teamwork and responsibility with engagement team members
• Ability to multi-task, work well under pressure with commitment to deliver under tight deadline
• Strong organizational skills with ability to prioritize effectively
• Attention to detail and quality assurance
• Proficient in MS-Office Suite, data analysis & validation

To qualify for the role, you must have

• Bachelor’s degree in Engineering or relevant professional qualification such as CA, ACCA,CIA
• Experience in Internal Audit /Risk Management with Real Estate and Construction sector focus
• A minimum of 11 years of relevant work experience
• A valid passport for travel.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Your key responsibilities

• Evaluate key cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Identity and Access Management (IAM), Cloud Access Security Brokers (CASB), Web Application Firewalls (WAF), Cloud encryption and key management services, Security Information and Event Management (SIEM), and security automation tools with respect to hybrid cloud security posture (AWS, Azure, GCP, and on-premises).
• Evaluate the effectiveness of the implementation and operations of vulnerability management and patching programs, including timely identification, prioritization, and remediation of cloud and on-premises vulnerabilities
• Evaluate security hardening standards and secure cloud configuration best practices across all environments.
• Evaluate DevSecOps implementation to embed security into CI/CD pipelines and cloud deployments.
• Evaluate the current practice followed of cloud security monitoring and incident management
• Conducting risk assessments and vulnerability analyses in cloud environments and propose mitigation strategies
• Support larger Internal Audit and Cyber security audits engagements especially on domains related to cloud security
• Develop cloud security policies/procedures to protect data in the cloud and prevent unauthorized access.
• Good understanding of cloud security standards/regulations globally and within the MENA region (KSA, UAE, Qatar)
• Communicate cloud security risks, strategies, and remediation plans clearly to technical teams and senior management
• Ability to translate complex technical details into clear, business-understandable language for effective communication with stakeholders/business users
• Good in report writing and convey the observations to the top management in layman’s language emphasizing on the business risks.
• Build a team under you focused on cloud security and mentor junior resources
• Facilitate knowledge sharing and cross-team collaboration to enhance cloud security skills within the group
• Should be open-minded and ready to take up additional challenges or tasks outside your core domain expertise

Skills and attributes for success

• Strong technical knowledge of AWS, Azure, GCP, OCI and on-premises security architectures and controls.
• Proven ability to evaluate cloud security technologies, policies and processes.
• Experience conducting cloud risk assessments against global/MENA specific standards/regulations
• Experience managing cloud security metrics, reporting, and audit readiness.
• Excellent communication and stakeholder management skills.
• Experience in incident management and response in cloud environments.
• Familiarity with DevSecOps and secure CI/CD practices in Cloud

To qualify for the role, you must have

• 7–14 years of experience in cloud security, with hands-on expertise in hybrid and multi-cloud environments.
• Excellent communication skills with consulting experience preferred

Ideally, you’ll also have

• A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline.
• CCSP (Certified Cloud Security Professional)
• AWS Certified Security – Specialty
• Microsoft Certified: Azure Security Engineer Associate
• Google Cloud Professional Cloud Security Engineer)

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Change manager is responsible for managing and delivering OCM/HR transformation projects to schedule, budget and quality. The role requires excellent knowledge of coming up with Change Management Strategy, Change Management Framework and strategy, Change management plan, Resistance management and Training. Change Manager must have proficient stakeholder relationship management skills and influencing skills to successfully lead and deliver the project team and project stakeholders.

Client Responsibilities:

• Independently work with client stakeholders and deliver:
  • Change Management Strategy
  • Change Management Framework
  • Change management plan
  • Change management strategy
  • Resistance management and plan
  • Change related Trainings and planning as per the schedule
  • Training need identification
  • Change rollout readiness assessment
  • Change Impact assessment
  • Communication plan
  • Change readiness assessment
  • Stakeholder management assessment plan and engagement plan
  • Exposed to industry best practices on OCM and change toolkits
• Should be able to diagnose and strategize the need for change and articulate it well to all involved
• Should be able to lead and manage the entire change as project with reporting
• Should be able to design and plan trainings for the stakeholders involved
• Should be able to design and plan, communicate effectively throughout in the entire change cycle
• Strong and proven networking skills
• Ability to influence and draw consensus

Skills Requirements

• OCM Certified from PROSCI
• PMP / Prince 2 Certified
• Business Process Management
• Stakeholder management
• Proven previous experience in interacting with Senior members at the client side
• Business Process Improvement experience – Lean Six Sigma (Green Belt certified -desirable)
• Hands on experience in any of the industry leading BPMN tools
• Industry experience – anyone or combination of Government, Healthcare, retail, telecom, oil and gas, BSFI, airlines, manufacturing, food and beverages etc.
• Extensive experience in End-to-End Project Management – preferably in strategy and business
• 10 plus years of relevant experience in a Business / Corporate IT environment and
• Experience in leading Change management in major and complex IT transformation projects
• Experienced in working with global team
• Experience in understanding customer strategy, services and business processes
• Business Analytics knowledge
• Strong team working skills across matrixes - client, supplier and geographically dispersed virtual teams
• Strong communication and interpersonal skills (including negotiation)
• Excellent written and verbal communication skills – must be able to communicate fluently in English both verbally and in writing
• Team player
• Go getter and result oriented
• Should be able to work with minimal direction or supervision
• Open and flexible for any given work environment
• Ready to travel on short notice

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development.

As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching.

To qualify for the role, you must have:

• Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas
• Evidence of self-motivation to continuously develop in the areas of cybersecurity
• Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines
• Ability to translate security issues into business risks
• Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels
• Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies
• Experience, knowledge and strong interest in information and cyber security domains are essential for this role
• Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies
• Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security
• Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc.
• Experience in data classification exercises and controls / mechanisms enforcement
• Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc.
• Ability to conduct Security regulatory and compliance assessment independently
• Hands on with assessment report preparation and presenting to senior technical and business stakeholders
• Hand on knowledge of excel, PowerPoint and word
• Articulative and confident in presentation to senior stakeholders
• Ability to lead workstreams or dedicated portions of projects
• Cyber maturity assessments, recommendations, roadmap and strategy creation
• knowledge of use of and risks related to modern and emerging technologies
• Cybersecurity audit
• Ability to plan and deliver cyber security training and awareness

Ideally, you’ll also have:

• Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable
• Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements
• Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards
• Security-related vendor / technology certifications are desirable

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Key Responsibilities:

• Design, develop, and maintain robust data pipelines using GCP services such as BigQuery, Dataflow, Pub/Sub, CloudSQL, Cloud Composer (Airflow).
• Build and manage Airflow DAGs for orchestrating complex workflows.
• Write efficient and reusable Python scripts for data processing and automation.
• Develop solutions to move and transform data across GCP projects securely and efficiently.
• Collaborate with data scientists, analysts, and other engineers to ensure data availability and quality.
• Optimize data workflows for performance, scalability, and cost-efficiency.

Required Skills & Qualifications:

• Minimum 4 years of experience in data engineering, with at least 2+ years on GCP.
• Strong expertise in BigQuery, Dataflow, Pub/Sub, CloudSQL, Composer/Airflow.
• Proficient in Python for scripting and automation.
• Experience in designing and implementing data pipelines across GCP projects.
• Familiarity with CI/CD practices and version control (e.g., Git).
• Excellent problem-solving and communication skills.

Nice to Have:

• Experience with Terraform or other IaC tools.
• Knowledge of data governance and security best practices on GCP.
• Exposure to real-time data processing and streaming architectures.

What we look for :People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain positive energy, while being adaptable and creative in their approach.

About the job

I

Key Responsibilities:

• Capital Assessment and Framework Refinement
• Review and benchmark ICAAP supervisory expectations against Basel III and global best practices
• Analyze capital adequacy data from Quantitative Impact Study (QIS) and ICAAP submissions to identify risk management strengths and weaknesses
• Recommend improvements to capital planning, stress testing, and ICAAP methodology
• Draft supervisory guidance and supporting policy documents.
• Liquidity Risk Evaluation and Supervisory Enhancement
• Examine liquidity risk management within ILAAP submissions, including stress testing and contingency planning
• Evaluate liquidity data and resilience under stressed conditions
• Assist in drafting supervisory expectations focusing on liquidity, governance and monitoring
• Financial product knowledge and familiarity with liquidity concepts including metrics such as LCR, NSFR and Internal Liquidity Stress Testing (ILST)
• Suggest refinements to liquidity frameworks consistent with Basel standards.
• Engagement and Implementation Support
• Partner with Banks and Financial Institutions in the Middle East to align supervisory practices across ICAAP and ILAAP
• Facilitate dialogue and integrate stakeholder feedback into guideline development
• Track regulatory developments

Required Qualifications:

• Bachelor’s or master’s degree in finance, Economics, Risk Management, or related field
• 3-7+ years of experience in prudential supervision, regulatory policy, or risk management, ideally within central banks or regulatory authorities
• Deep understanding of Basel III ICAAP and ILAAP frameworks
• Experience with QIS data analysis and regulatory submissions
• Strong analytical, communication, and stakeholder engagement abilities.

Preferred Qualifications:

• Familiarity with Middle East or GCC banking regulatory environment is a plus
• Experience in drafting prudential guidelines
• Knowledge of liquidity risk management and stress testing techniques.

Additional Information:

• Willingness to travel to Middle East locations and work on-site for extended periods
• The job locations will be in Kochi and Trivandrum, Kerala. We offer a flexible working environment.

General description

• Consultants are members in the Financial Crime and Compliance (FCC) team and will be involved in client engagements for Middle East clients on an offshore or onshore basis.
• Consultants will engage with the MENA stakeholders and GDS management to deliver client engagements or to prepare proposals in the FCC domain.
• Consultants should have good communication skills and shall be good at preparing control documents, prepare presentations and shall also be a good presenter.
• Consultants shall consistently deliver quality client services and take charge of the engagement assigned to him/her
• Consultants shall be responsible to monitor progress, manage risk and verify key stakeholders are kept informed about progress and expected outcomes
• Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge
• Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge
• The job could require travel (80% to 100%) to client locations in the Middle East.

Job description

• FCC Domain specialist
• Number of positions: 3
• Minimum years of Experience: 2 years

Job Profile:

• Financial Crimes Compliance Due Diligence reporting to the Due Diligence Manager, will be responsible for conducting Due Diligence as it pertains to Anti-Money Laundering (AML), Fraud, and the Office of Foreign Assets Control (OFAC) compliance. The Analyst will be a key member of the team whose mission is to comply with Due Diligence related requirements of the FATF, FINRA, FinCEN, and OFAC.
• Ensure due diligence origination compliance and credit re-underwriting reviews are conducted as instructed by the client
• Perform due diligence, including Enhanced Due Diligence (EDD), and assessing the risk of new customers to the firm, documenting findings, ensuring that management is apprised of key issues, risks, and the appropriate monitoring to mitigate risk.
• Conduct Risk Assessment & regulatory compliance review.
• Review negative news and OFAC/Watch List/Politically Exposed Persons (PEP) alerts generated by automated systems.
• Suggest revisions to policies and procedures to enhance FIU compliance efforts.
• Perform reviews to ensure proper testing methods and quality assurance
• Review and assess process flows to detect potential risks, deficient controls, non-compliance with laws and regulations.
• Analyse potential matches on swift messages/payments from local and international business units to make an informed decision,
• Refer and escalate matches accordingly as stipulated in the working instruction to originating business unit and relevant compliance department
• Maintain relevant databases and documentation and suggest controls to ensure we comply with regulations
• Provide recommendations to bring about effective controls related to sanctions screening.
• Analyse all matches from local and international business units to create informative reports.
• Analyse the rules that govern the automated systems which identify any potential matches, understanding the business logic rules that create such matches

Knowledge, education and qualification:

• Working knowledge of anti-money laundering and financial sanctions rules and regulations
• High level of analytical and problem-solving skills
• Strong PC skills (Microsoft Office with emphasis on Word, Excel and PowerPoint)
• Excellent written and oral communication skills with the ability to present information in differing degrees of details and form depending on the audience
• Attention to detail and quality assurance
• Proven ability to build strong partnerships with colleagues, desire to learn quickly, be flexible and think strategically
• Ability to multi-task, work well under pressure with commitment to deliver under tight deadline
• Strong organizational skills with ability to prioritize effectively
• MBA (Finance/Strategy/Marketing) from top 10 institutions

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.