EY Consultant - Business Consulting Risk 

India, Karnataka, Bengaluru 

177850792

Requisition Id : 1599048

TMT :

Industry convergence offers TMT (Technology, Media & Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth.

CNS - Risk - Process & Controls :

Financial Services Risk - helps clients in the financial sector to identify, manage and monitor the risks in their business. It is done through a transformative and agile approach including process and procedures, risk, data modeling and analytics, reporting to stakeholders and third parties, business requirements (for software selection and IT implementation), analysis of assets and liabilities, and capital and liquidity management.

Technical Excellence

• Responsible for supporting Access provisioning processes including request creation, risk analysis, access modification and access revocation.
• Support IT risk and controls assessments, including ITGC testing, access management reviews, and IT compliance evaluations.
• Assist in conducting user access reviews, role-based access analysis , and Segregation of Duties (SOD) assessments within ERP environments (SAP/Oracle).
• Participate in the review and implementation of Multi-Factor Authentication (MFA) and other identity and access management (IAM) controls .
• Collaborate with IT security, risk, and audit teams to document IT processes, risk control matrices (RACM), and remediation plans .
• Support audit and compliance engagements , including gathering evidence, performing walkthroughs, and documenting findings for internal and external audits.
• Analyse cloud security controls and ERP security configurations to ensure adherence to industry best practices.

Assist in identifying process improvement opportunities for IT risk management programs

Skills and attributes

• Experience in end to end Access Management lifecycle – provisioning, de provisioning, risk analyses, SOD checks etc.
• Basic understanding of IT risk management, access controls, and internal control frameworks .
• Familiarity with ERP security concepts (SAP, Oracle) and cloud environments.
• Knowledge of Multi-Factor Authentication (MFA) , identity management, and user provisioning principles.
• Strong analytical, problem-solving, and communication skills .
• Detail-oriented mindset with the ability to document and analyse IT control environments .
• Ability to work in fast-paced, client-facing environments and collaborate effectively with cross-functional teams

To qualify for the role you must have
Qualification

• Bachelor’s degree in Information Technology, Computer Science, Finance, Accounting, or a related field.
• 1-3 years of relevant experiencein IT risk, internal controls, access management, or IT audit.
• Proficiency in Microsoft Office tools (Excel, Word, PowerPoint).
• Basic knowledge of IT General Controls (ITGCs), user access reviews, and IAM principles .
• Familiarity with regulatory requirements (e.g., SOX, GDPR, ISO 27001 ) preferred.
• Certifications such as CISA, Security+, or equivalent are preferred but not mandatory.

1-3 years of relevant experience.

What we look for

People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach.

What we offer

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.