Your key responsibilities
You will support our clients across a range of Third Party Risk Management (TPRM) issues and challenges and enable our clients to better manage the broad range of risks in their increasingly complex supply chains. In addition, you will play a key role in supporting the development of new business opportunities.
You can expect leading-class learning and development tailored to your unique interests and motivations. You’ll be given all the skills, knowledge and opportunities to progress and become ready to build a better working world for our people, our clients and the communities that support us.
Client responsibilities
- Managing a portfolio of TPRM engagements with our clients, responsible for the day-to-day running of the engagements including meeting quality, time and budget targets
- Working with prospective clients to agree, scope and plan the delivery phase of engagements
- Drive go-to-market strategy for TPRM services, including thought leadership, solution development, and alliance partnerships.
- Champion the use of emerging technologies (e.g., AI, automation, continuous monitoring platforms) to enhance TPRM capabilities.
- Oversee the design and implementation of scalable TPRM operating models and tooling (e.g., ServiceNow VRM, Archer, ProcessUnity).
- Lead the development of next-generation TPRM capabilities, including continuous monitoring, ESG risk integration, and AI-driven risk intelligence.
- Provide subject matter guidance on evolving regulatory frameworks (e.g., DORA, EBA Outsourcing, PRA SS2/21) and their impact on third-party ecosystems.
- Lead regulatory response programmes and remediation efforts for clients.
- Mentor and develop future leaders within the Cyber & Resilience practice.
- Contribute to practice growth through recruitment, capability building, and internal training initiatives.
- Creating thought leadership and market materials for selling and promoting EY Cyber and TPRM offerings
- Oversee financial aspects of engagements by organising staffing, tracking fees and communicating issues to engagement partners
People responsibilities
- Develop people through effectively supervising, coaching, and mentoring staff
- Conduct performance reviews and contribute to performance feedback for staff
- Contribute to people initiatives including recruiting, retaining, and training Cyber and TPRM professionals
- Recognise the value of teamwork, facilitate and encourage collaboration amongst team members, and motivate teams to maximise performance
- Lead internal communities of practice focused on innovation, regulatory change, or sector-specific TPRM challenges.
To qualify for the role, you must have
- Project experience and client knowledge gained from professional practice across a number of TPRM engagements, including aspects of Compliance, IT Risk Management, Cyber, Resilience, and Privacy.
- Team leadership and management experience, including the coaching and mentoring of more junior staff and direct reports
- Strong academic record, ideally to bachelor’s degree level, or equivalent industry experience
- Awareness and understanding of National and International Security Standards (e.g., NIST, ISO27001), reporting standards (e.g., SOC/ISAE), and privacy or TPRM regulations, such as UK Data Protection Act, GDPR, DORA, etc.
- Willingness to travel
- Creative and independent with good problem-solving skills
- Excellent written and verbal communication skills for report writing, client presentations, and project management
- At least 8 years of relevant experience (desirably within resilience, cyber, or TPRM). Preferably with experience in a consulting role in a leading consultancy firm.
- Proven track record of delivering complex, multi-stakeholder programmes in regulated industries
- Strong commercial acumen and experience managing large client accounts or portfolios.
Ideally, you’ll also have
- Experience in Financial Services, Government Organisations, or the Military
- Industry related certification preferred (e.g., CISSP, CISA, CISM, CRISC, ISO27001 Lead Implementer/Auditor)
- Solution related experience, such as the use of platforms like ProcessUnity, ServiceNow, and Azure
What we look for
We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
Apply now.
Please note: Prior to finalizing your application, you will be asked to provide personal information across several dimensions of diversity and inclusiveness. The information you provide is kept entirely confidential and will not be used to evaluate your candidacy. We collect this data to help us analyse our recruitment process holistically and implement actions that promote diversity and inclusiveness. While optional, we encourage you to provide this information to hold us accountable towards our goal of building a better working world. We ask because it matters!