EY Technology Consulting - Senior Consultant 

Ireland 

184210553

Technology Consulting-GRC, Senior Consultant :

General Information

Available for Work Visa Sponsorship: No

Contract Type: Full-Time – Permanent

Key activities for this role include the following:

• Identifying industry standards and regulatory guidelines for managing information security in order to minimise the risk of compromise of sensitive business systems.
• Leading the development, maintenance, and evaluation of organisational security policies and procedures, and working closely with engineering and operations teams to ensure systems controls meet security requirements.
• Managing and following up on the results of audits of system security and remediation efforts.

Key Responsibilities

• Design, implement, and maintain the overall IT/cyber security risk management framework across client organisations
• Perform ongoing oversight and monitoring to ensure compliance by clients with the IT/security risk management framework
• Support and challenge the assessment of IT and Security risk across all relevant areas of clients and escalate risk and control issues to the clients Chief Risk Officer as required
• Design and implement appropriate reporting on IT and Security risk status to the Board and appropriate committees
• Report and monitor the status of this to ensure risks remain within risk appetite and escalate any concerns to the clients Chief Risk Officer as required
• Support and challenge client’s IT with its ongoing/periodic Risk and Control Self-Assessments (RCSAs) and perform Quality Assurance on RCSAs to feedback any concerns
• Help drive the mitigation of key IT/security risks by identifying and recommending changes to policies and procedures, control enhancements, etc. as needed
• Maintain awareness of emerging IT/security risks and trends and raise awareness of such risks to the clients' Board, Senior Management, and governance fora/committees as appropriate
• Identify relevant IT/security regulations, interpret relevant requirements and disseminate these accordingly in the form of actionable requirements to the client’s functional areas
• Provide risk management guidance to client’s business and IT teams on IT Outsourcing requirements and initiatives
• Provide interpretation of IT/security-related regulations and guidelines and disseminate this to clients and monitor compliance with such regulations
• Develop and monitor IT/security policies and procedures (e.g. IT policy, Information Security policy, Cyber Security policy, Outsourcing policy) and implement a schedule of regular reviews to ensure that policies are kept relevant and aligned to industry expected standards
• Work in conjunction with relevant business stakeholders to ensure implementation of operational risk policies, standards, and procedures to achieve effective mitigation and treatment of IT and Security risks
• Define, develop and implement appropriate IT/security risk assurance capability and associated risk reporting (including key risk indicators)
• Work closely with the Chief Risk Officer to drive the continued development of the IT/Security risk management framework

Qualifications & Experience

• + years of experience in IT/Security Risk Management in either a first line or a second line capacity. IT Audit experience is also helpful
• Experience in developing and maintaining Technology and Security risk frameworks, policies, and guidance
• The ability to develop and foster strong relationships with relevant business stakeholders;
• Proven communication skills, ability to work effectively with and influence stakeholders at all levels of an organisation
• Strong understanding of technology/security risk and control and the business impacts of these risks, in particular, how they impact clients and their reputation
• Strong communications skills, proven ability to work effectively with and influence the actions of stakeholders at all levels of clients. Credibility to influence Senior Management and wider internal and external stakeholders
• Strong interpersonal skills and a team player;
• Professional or third level qualification ideally in Risk, Compliance, Information Technology, Business or Finance
• Knowledge of Operational Risk requirements and industry guidelines for IT and security risk management and mitigation within financial services
• Good knowledge in relevant IT/Security domains (e.g. Application Development, Change Management, Application Security, Security Operations, Cyber Security Monitoring, Vulnerability Management, Incident Management, Identity and Access Management or Cloud Security/Infrastructure)
• Professional certifications in the field of Operational Risk Management, IT Risk Management, Information Security, Cyber Security, etc. are highly recommended (e.g. CRISC, CISA, CISM, CISSP, ITIL, COBIT 2019, ISO2700X, NIST CSF, etc.)
• Successful history in performing internal and/or external audits, including a focus on IT, Information Security, IT Continuity and Resilience, IT Disaster Recovery, and IT Outsourcing risk
• Successful history of third-party risk management experience. Experience performing third party risk assessments in areas including but not limited to Privacy and Information Security

We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

• Support and coaching from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

All our employees are given a benefits package which they can tailor to suit their individual preferences. Our range of benefits include:

• Pension
• Maternity & Paternity leave
• Discounted health insurance
• Bike to work Scheme
• Web Doctor - Free unlimited online GP consultations for you and your family
• Recognition Awards
• The purchase of additional annual leave
• Cash incentives for referrals
• Hybrid Working
• Work Mobile
• Free Gym membership ·
• TECH MBA paid by EY
• Travel Pass
• Wellness rooms Available in some offices

Career Progression

• When you join EY, you will be supported to ensure that you are enhancing your skills from day one.
• Continuous learning, where you can develop the mindset and skills to navigate whatever comes next.
• As you grow and develop here, you’ll discover opportunities to help customise your career journey, so that it’s as unique as you are - success is defined by you, we will provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership, we will give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture, you will be embraced for who you are and empowered to use your voice to help others find theirs.
• We have embraced Hybrid working at EY adding greater flexibility and autonomy to the roles of our employees.

Inclusion & Diversity

We recognise the strength that comes from having a diverse workforce and building a culture where we support all our people to achieve their potential. You’ll be embraced for who you are and empowered to use your voice to help others find theirs.