EY FS-Risk-Management-ITRM-Staff 

India, Karnataka, Bengaluru 

475942875

In your role as a staff member in Information Technology Risk Management (ITRM) within Risk Consulting, you will provide technical support to client engagements and internal initiatives aimed at transforming risk. You will be responsible for recognizing potential risks during engagements and communicating any concerns to the senior team members.

Client responsibilities

• Ability to collaborate effectively within Information Technology Risk Management (ITRM) project teams
• Positive approach to teamwork, taking ownership, and exchanging knowledge
• Engage with the project team to ensure open communication, identify potential risks, and discuss strategies for risk mitigation
• Competence in designing and suggesting solutions tailored to customer needs based on their specified requirements
• Assist in the creation of reports and schedules that will be presented to clients and relevant stakeholders
• Contribute to the development of reports and timetables for delivery to clients and other interested parties.
• Build and keep up constructive working relationships with client contacts.
• Willingness to travel to client sites or other EY offices as required.
• Strong skills in documentation and communication.

People responsibilities

• Professionals with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment
• Works cross-functionally with team members to support and drive a collaborative team environment
• Understands client s business environment and basic risk management approaches

Mandatory skills requirements

• Possessing 1-3 years of expertise in IT Security, Information Security, Cyber Security, or Cloud Security
• Proficient in conducting IT Audits, managing IT General Controls, and IT Attestation (including SOC1/SOC2 Reporting), as well as SOX-ITGC compliance
• Understanding of IT Risk Management frameworks for the identification, analysis, mitigation, monitoring, and communication of IT risks
• Experienced in validating IT controls, conducting tests, and pinpointing control gaps
• Ability to create IT/Information security policies, standards, and guidelines
• Familiar with leading industry frameworks and standards such as NIST-CSF, ISO27001, ITIL, COBIT, PCI-DSS, CSA-CCM, CCSK, ISO27017, and others

Preferred skills

• Experience in conducting IT Risk Assessments and IT Controls Testing
• B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science) /M.E. / M.Tech, MBA/M.Sc. having experience with other Big3 or panelled IT/ ITeS companies

Certifications (Preferred)

• Relevant professional certifications such as ISO27001, ITIL, COBIT, etc.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.