Digital Risk Cebu Manila Hiring jobs at Ey in Philippines, Taguig

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust.

Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.

The Technology Assurance, Risk, and Policy (TARP) function within Information Security strives to create and promote a holistic Governance, Risk, and Compliance (GRC) program by creating a robust, resilient, and proactive governance framework, supported by a strategic risk management approach and stringent compliance structures. It aims to integrate and align its GRC initiatives in line with the global firm's objectives and emerging threats within the cybersecurity landscape.

Furthermore, the Policy, Risk, and Controls (PRC) Enablement & Awareness team aims to establish policies and procedures that reflect the value we place on safeguarding our digital environment, while ensuring that these policies are effectively communicated and enforced across all levels of the organization. Thedesigning control testing and risk assessment methodology to measure and quantify compliance to policies and control objectives.

TheLeader will be responsible for building and owning a control testing and risk assessment program, following the model for 1st line and 2nd line testing best-practice strategies, that routinely tests and assesses the effectiveness and efficiency of Information Security controls put in place to mitigate risks to determine if they are supporting the desired business outcomes. They will need to rank and prioritize Information Security and Information Technology controls based on their risk profiles and design testing plans, inclusive of testing procedures, which will be used to measure effectiveness while, simultaneously looking for opportunities to enhance and improve EY’s control landscape. In certain instances, they will need to plan and execute risk assessments to quantify assumptions over the risk profiles.

The Control & Risk Assessment Leader is responsible for building a team of experienced professionals to assist in executing the strategic vision and objectives of the Control & Risk Assessment testing and assessment program. The Control & Risk Assessment team will work collectively to support the Information Security Program in the areas of risk assessment methodology development and execution of risk assessments, control testing design and execution, and identification of gaps and areas of improvement utilizing testing and assessment results.

Collaboration with other Information Security groups and external stakeholders across EY is key to this role. The Control & Risk Assessment Leader will need to build a network of multi-departmental and multi-level stakeholders inclusive of, but not limited to Information Security, Client and Enterprise Technology, Data Protection, Global and Enterprise Risk Management, Internal Audit, Area and Regional Risk & Data teams, Service Line Quality Leaders, etc.

• Own and build multi-year roadmap to establish and mature theControl & Risk Assessmentprogram. This includes development of the team’s charter, identification of resource needs, ongoing monitoring systems and tool requirements, performance metrics, and workstream prioritization.
• Build and manage control testing and risk assessment service offerings aimed at identifying potential risks and validates mitigation controls by conducting regular and systematic assessments of the organization's IT infrastructure, including networks, systems, applications, and data processes.
• Based on results of assessments and testing, assist control owners with the design and implementation of their controls in the organization's IT environment. Strategize on the appropriate amount of preventive, detective, or corrective controls which will have the most impact on reducing overall risk for the firm.
• Create a 1st Line Testing framework that can be shared with control owners that will enhance security culture and support control ownership roles and responsibilities. Conduct training and awareness campaigns to facilitate the adoption of the framework.
• Appropriately balance firm security needs with business impact and benefitwhenrecommending advancements in policy and control objectives and directing those efforts to completion.
• Think strategically to assist with the development of a long-term vision for Information Security’s Technology Assurance, Risk, and Policy direction inclusive of its program improvement, technology adoption, and integration of security solutions into business objectives.
• Act as a thought leader in the firm, staying informed of changes in information security, regulatory requirements, audit standards, and industry trends, adjusting strategies, as necessary.
• Build and maintain appropriate relationships with internal and external leaders to ensure awareness and understanding of potential strategic directions.
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change.
• Outstanding management, interpersonal, communication, organizational, and decision-making skills.
• Ability to understand and integrate cultural differences and motives and to lead cross cultural teams.
• Demonstrate integrity and judgment within a professional environment.
• Evaluate, counsel, mentor and provide feedback on performance of others.
• Plan the training and development of staff to develop their skills and maintain state-of-the-art knowledge in information security.

• 12+ years of experience in the Information Technology, Information Security and/or Risk Management field(s).
• Audit experience or a demonstrated ability to design and test technology controls.
• 5+ years of experience in managing and mentoring junior and senior level staff.
• Experience leading global and virtual teams.
• High proficiency in technical and general writing skills in English.
• An advanced degree in Computer Science, Information Security, or a related field; equivalent work experience will be considered on a case-by-case basis.
• One or more of the following or equivalent certifications preferred: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT.

• A working knowledge of external control standards like ISO 27001, NIST 800-53, COBIT, etc. and regulatory requirements like GDPR and SOX.
• Skilled in Microsoft Office and M365 products; primarily Word, Excel, PowerPoint, SharePoint, PowerApps, and PowerBI.
• Experience with RSA Archer or other GRC tools.
• Flexibility to work outside of normal business hours when engaging with team members and stakeholders in various time zones.

As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:

• Continuous learning: You will develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way.
• Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs.

We ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodations.

EY is committed to being an inclusive employer, and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

Apply now.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Your key responsibilities

Your primary responsibility will be to work alongside the GDS GCO Leads for employment and contract portfolios, to assist and advise on all aspects relating to contract and employment/labour law matters.

The incumbent in the role shall:

• You will be responsible for drafting, negotiating and advising on various contracts, in particular: sponsorship contracts; meeting and events contracts; services contracts; real estate; corporate responsibility contracts.
• Possess sound understanding on contract and employment/labour laws in Philippines and work with the other GDS jurisdictions to oversee advice and strategy on employment law matters. Have experience on matters of employee hiring and separation.
• Create documents of support relating to employment law and employee relations, including memos and templates in compliance with legal requirements.
• Support the Employment Lead and HR teams in formulating and/or revising Policies.
• Advice, support and oversee matters of corporate transactions, corporate secretarial matters and independently advice on disputes and litigations.

Skills and attributes for success

• Sound knowledge and understanding of contract and employment/labour laws of Philippines, together with experience of working with other jurisdictions in a global corporate environment.
• Commercial awareness of the business issues facing the GDS organisation across locations.
• The ability to translate complex legal advice into practical advice for a range of stakeholders who may be unfamiliar with the legal environment.
• Build & maintain trusted and effective inter-personal relationships and adopt a sensitive approach to intercultural contacts, communication and ways of working.
• Highest standards of excellence and personal integrity.
• Being flexible, organised and adaptable; able to work effectively in a fast-paced environment and prioritise key areas of responsibility where deadlines may conflict.
• Strong personal communication skills, including an excellent command of the English language.
• Sound decision-making based on risk assessment and evaluation.
• Ability to operate with limited supervision, whilst keeping leadership abreast of key matters.
• Strong written skills, including drafting legal advice, contracts and policies.
• Working knowledge of Excel, Word & PowerPoint. Demonstrated comfort in use and adoption of technology and tools for streamlining legal support.

To qualify for the role, you must have

• A graduate/post graduate degree in Law.
• Professional qualification/certification in Philippines.
• Strong cross border experience working in a global environment.
• At least 10 years of relevant experience.

• Ideally, prior experience of working in an In-house Legal Department supporting commercial contracts and employment law portfolios.
• Proficiency in English: Candidates must demonstrate a high level of proficiency in English, both written and spoken. This is essential for effective communication within our team and with our clients. Preferably, candidates should possess a recognized certification of English proficiency (e.g., TOEFL, IELTS, Cambridge English Qualifications) to validate their language skills.

You get to work with inspiring people in meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around;
• Opportunities to develop new skills and progress your career;
• The freedom and flexibility to handle your role in a way that’s right for you;

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities andcreativefreedom to make things better.Whenever you join, however long you stay, the

Apply now

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Position Details

Ever-increasing regulations require audit departments to gather, organize and analyses more data than ever before. Often the data necessary to satisfy these ever-increasing and complex regulations must be collected from a variety of systems and departments throughout an organization. Effectively and efficiently handling the variety and volume of data is often extremely challenging and time consuming for a company.GDS Assurance Digital provides solution architecture, application development, testing and maintenance support to the global Assurance service line both on a pro-active basis and in response to specific requests.

Requirements (including experience, skills and additional qualifications) A Bachelor's degree (BE/BTech/MCA & MBA) in Computer Science, Engineering, Information Systems Management, Accounting, Finance or a related field with adequate industry experience.

Technical skills requirements

• 2-3 Years development experience in Python
• Python data structures, ORM Libraries
• Must have experience in REST, Flask/Django, Building API and TPS
• SOLID Principal, OOPS
• GIT
• Building Desktop application using Python framework
• Good experience in hosting application in Azure Containers/Web apps and Azure functions
• Hands on with any of Structured (SQL, My SQL etc..,) and Unstructured DB (Mongo, NO SQL)

Nice to have skill

• Experience in Azure DevOps
• Jenkins, ArgoCD, Terraform, Redid, Dynamodb
• Experience in Agile / Scrum methodologies
• Experience in Azure Databricks (jobs creation and scheduling)

Analytical/Decision Making Responsibilities:

• An ability to quickly understand complex concepts and use technology to support data modeling, analysis, visualization or process automation
• Selects appropriately from applicable standards, methods, tools and applications and uses accordingly
• Ability to work within a multi-disciplinary team structure, but also independently
• Demonstrates analytical and systematic approach to problem solving
• Communicates fluently orally and in writing and can present complex technical information to both technical and non-technical audiences
• Able to plan, schedule and monitor work activities in order to meet time and quality targets
• Able to absorb rapidly new technical information, business acumen, and apply it effectively
• Ability to work in a team environment with strong customer focus, good listening, negotiation and problem-resolution skills

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Ever-increasing regulations require audit departments to gather, organize and analyses more data than ever before. Often the data necessary to satisfy these ever-increasing and complex regulations must be collected from a variety of systems and departments throughout an organization. Effectively and efficiently handling the variety and volume of data is often extremely challenging and time consuming for a company.GDS Assurance Digital provides solution architecture, application development, testing and maintenance support to the global Assurance service line both on a pro-active basis and in response to specific requests.

Requirements (including experience, skills and additional qualifications) Education & Experience:

• A bachelor's degree (human-computer-interaction, human-factors, graphic design, computer science, information systems, engineering preferred) or equivalent work experience
• Master's degree preferred
• 5 - 7 years of relevant experience
• Managements experience a plus

• Knowledge of agile practices, design thinking, visual design, interaction design, information architecture, and design industry trends
• Must be well versed in the principles of design and fully comprehend the design elements to ensure user interface is usable in every sense.
• Experience in iterative product design planning and development
• Strong experience in Adobe XD and Figma is must
• Experience creating and working with design systems and/or UI pattern libraries
• Fluency with design tools, most notably Sketch, Invision, Axure RP, OmniGraffle, Illustrator, Photoshop, InDesign, and/or other UX and prototyping software
• Ability to simplify and turn complex interactions into intuitive user experiences
• Experience with planning and facilitating usability testing a plus
• Strong skills in typography, composition and layout with a good eye for detail.
• Highly conceptual thinking skills, and enjoy brainstorming and developing initial ideas through to completion.
• Adept skills in Adobe Creative Suite and other industry standard design tools.
• Experience in creating UX deliverables using industry standard tools, i.e. Interface Sketches, user/web flows, personas.

Analytical/Decision Making Responsibilities:

• Ability to drive an engaging design
• UX evangelist
• Ability to clearly articulate both problems and proposed solutions
• Proactive approach to identifying issues and presenting solutions and options, and where appropriate, leading to resolution
• Ability to prioritize personal and team workloads to best meet organizational objectives
• Be a passionate advocate for the user and incorporate customer insights and principles throughout the creative process

• The expectations are that a Senior will be able to maintain long-term client relationships and network and cultivate business development opportunities
• Provide high quality client services by directing daily progress of engagement work, informing engagement manager of engagement status, and managing staff performance.
• Must have presentation skills ' ability to create PowerPoint deck to communicate solution architecture to various stakeholders.
• Should have understanding and experience of software development best practices
• Excellent business communication, Consulting, Quality process skills
• Must be a team player

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

The Technical Specialist will be responsible for developing and maintaining different technologies created within Business Solutions & Automation. They will also be working closely with different Construct to ensure projects are created based on requirements.

• Create and maintain data insights through a range of analytical products such as Power Platforms (Power Bi, Power Apps, Power Automate), Azure Data Factory and SQL
• Work closely with tech leads to ensure all requirements are addressed and accurately reflect business needs.
• Collaborate with diverse stakeholders to maintain data integrity and deliver insights of the highest quality.
• Create technical documentation and prepare reference materials for users.
• Collaborate with the project coordinator and POD lead to discuss development updates.
• Maintain knowledge of technology innovations and trends.• Strong attention to detail with good interpersonal and problem-solving skills.
• Being a quick learner and demonstrating adaptability to change.
• Exceptional organizational skills with the ability to manage multiple tasks with conflicting demands and timeframes.
• The ability to function well in high pressure situations and manage the expectations of stakeholders.
• Ability to understand business processes and willingness to identify and communicate areas for improvement.
• Open to working across different time zones and travelling on an as-needed basis.
• Integrity in a professional environment.
• Strong communications skills both verbal and written.• A degree in Data Science, Data Analytics, or a closely related field.
• 0-2 years of experience working with data – including, but not limited to:
- Creating dashboards and visualizations
- Using ETL tools to wrangle data into appropriate formats
- Running queries in a data warehouse to obtain answers for a variety of stakeholders
• Though not mandatory, knowledge in Fabric and Figma will be considered a plus.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

We support end-to-end engagement lifecycle and project management activities that are essential to every engagement, region and competencies. We help in project coordination & management, financial analysis, engagement compliance & governance requirements across industries and countries.

• CSS consultants enhance service delivery by ensuring that deadlines are met, the project is efficiently managed, and there is proactive coordination /communication
• Provide appropriate support to engagement team by coordinating, supporting or performing tasks that lead to efficient and effective engagement management, from initiation to post-engagement feedback/debrief activities
• Assist engagements with engagement economics matters (e.g., hours/ budgets/ estimates to complete, fees, billings, Work in process-WIPs); collaborate with Financial Management Associate (FMA)
• Work with teams to book staff on MERA or Retain per the Resource allocation process
• Act as a central point of contact for the assigned engagement(s)
• Function as knowledge manager for the engagement team; manage databases and/or websites
• Play active role in multi-location engagement coordination and communication, including reporting/remediating unforeseen situations and plan variances
• Interface regularly with engagement personnel, develop strong working relationships and leverage information gained to anticipate client needs
• Be knowledgeable about the services the engagement provides and utilize that knowledge to make suggestions and/or recommendations
• Capture, distribute and share knowledge and information through agreed upon channels to key stakeholders
• Communicate relevant client information to account teams via regular cross-service line Newsletters
• Assist with ad-hoc project work at the request of the account teams (both external and internal client focused)
• Perform regular checks and review the work of Staff / Associate resources to ensure quality of delivery
• Support engagements requiring Korean bilingual support

• Task Specific
• Strong communication skills (verbal and written) in English
• Korean Language Competence Level 5 to 6
• Strong attention to detail even when dealing with routine tasks
• Ability to meet tight deadlines
• Ability to ensure that work is of a consistently high standard
• Ability to multi-task projects and assignments in order of priority
• Team player with willing and enthusiastic approach
• Excellent interpersonal skills, internally and externally
• Ability to plan ahead and anticipate potential problems before they arise
• Ability to do in-call or face-to-face translation

• Personal Attributes
• Professional, confident and outgoing
• Robust and resilient disposition
• Ability to function as part of a team
• Organized and self-disciplined
• Calm and capable of juggling conflicting demands on time and of prioritizing effectively
• High degree of accuracy
• Can thrive in an agile environment
• Confident to deal with senior level contacts, internally and externally
 Role is open either in Taguig or Cebu.

• A Graduate, preferably B.Com/BBA//MBA/Economics Graduates
• 3.5 to 5 years general business experience with an exposure to international work environment would be an advantage
• IT Skills - experience of using MS Office PC based system - Experience with MS Office 365 (Excel, Power Point, Word, Outlook, Power Apps etc.) and windows based PC
• Preferred to have TOPIK 2 Level 3-6 Level
• Preferred to have data collection and research background

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you.

Apply now.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

• Ensure the delivery of third-party risk management engagements, which involve performing security assessments of the client’s third-party service providers. This involves:
o Performing security assessments of new and existing service providers
o Assessing vendor answers and follow up with vendor directly for questions
o Conducting a risk analysis and assessment of vendor information and documentation against a client’s IT security and data privacy requirementso Defining appropriate risk levels and corrective actions
o Identifying issues and work with vendor to resolve/accept
o Following up on corrective action plans
o Maintaining issues/items tracker and status updates for each vendor review
o Provide risk acceptance and/or risk remediation recommendations
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress.
• Execute the engagement requirements, along with review of work by junior team members.
• Help prepare reports and schedules that will be delivered to clients and other parties.
• Develop and maintain productive working relationships with client personnel.
• Build strong internal relationships within EY Consulting Services and with other services across the organization
• Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals
• Maintain an educational program to continually develop personal skills of staff
• Understand and follow workplace policies and procedures
• Building a quality culture at GDS
• Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members
• Manage the performance management for the direct reportees, as per the organization policies.
• Foster teamwork and lead by example
• Training and mentoring of project resources
• Participating in the organization-wide people initiatives

• Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to):
o Vendor Risk Management
o Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding
o Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53• Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors.
• Must have experience in assessing OT infrastructure (PLC, SCADA devices, etc).
• Good understanding of Secure SDLC concepts.
• Hands-on experience in network device (firewalls, routers etc.) configuration review is a plus.
• Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures.
• Good knowledge on Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews.
• Good understanding of logging and monitoring tools (SIEM). Hands-on in any one of the SIEM tools is a plus.
• Must have a good understanding of cryptographic concepts.
• Strong understanding of Cloud Security in (specifically MS Azure.)
o Knowledge in other cloud platforms is a plus.

To qualify for the role, you must have:

• BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming.
• Strong Excel and PowerPoint skills.
• Should be proficient in leading medium to large engagements and coach junior staff.

Ideally, you’ll also have

• Project management skills.
• CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer.

What we look for

• A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
• An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.
• Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Apply now

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.