EY FSO Digital Risk Management Senior 

United States, New York, New York 

515543045

This position could be located in NY, IL, NC, CA.

As a Consulting Senior in our FSO ITRM practice, you will lead teams through a variety of Digital Risk related experiences such as the following:

• Design, enhance and implement IT risk strategies, programs, and methodologies.
• Evaluate IT risk program capabilities and help design future state capabilities and initiatives.
• Establish IT process, risk, and control frameworks and enable their usage across various IT risk management activities.
• Profile and assess a client’s risk posture across a variety of risk assessment areas such as critical IT processes, initiatives, applications, platforms, and emerging technologies.
• Architect and design Enterprise GRC solutions (e.g., ServiceNow, Open Pages, Archer, etc.), and articulate requirements of the business
• Design GRC technology to enable effective IT risk programs.
• Deploy IT risk automation and tech-enabled risk reporting strategies and solutions.

Your key responsibilities

You will have many opportunities to lead multi-disciplinary, high performing teams to solve our clients’ challenges. As a Senior your responsibilities extend beyond fostering client relationships and supporting quality service delivery. You will also have the opportunity to coach and mentor our junior consultants and help them develop skillsets and gain valuable experiences across client serving as well as internal initiatives. This role may also require some travel (up to 50%, if needed) depending on client office location and the nature of the client engagement.

Skills and attributes for success

• Stay abreast of current business and industry trends relevant to the client's business.
• Foster relationships with client personnel at appropriate levels, and consistently deliver quality client services.
• Drive high-quality work products within agreed upon timeframes and on budget.
• Constantly develop your understanding of current market trends and processes and share your knowledge to develop junior colleagues.
• Understand our clients’ unique ambitions and needs and refer them to colleagues in other teams and areas to broaden our business relationships where possible.
• Bring innovative ideas to enable industry leading GRC programs at your clients.
• Apply fundamental principles of IT risk management to innovative technology solutions developed at our clients.

To qualify for the role, you must have

• Bachelor's degree and approximately 2+ years of related work experience; or a graduate degree and approximately 2+ years of related work experience
• Experience in IT risk transformation services such as IT risk management, GRC, data analytics, policy and standard management, issues management, or IT regulation and compliance
• Knowledge of information security management principles
• Knowledge of IT controls (application, database, operating system, data, infrastructure)
• Strong analytical and critical thinking skills
• Understanding of risk management practices and a deep knowledge and experience with applicable industry standards (FFIEC, NIST, ISO27001, COBIT, GLBA, CSA, PCI-DSS) and regulations (OCC Heightened Standards, FRB, GLBA, NY-DFS, SEC, GDPR)
• At least one relevant professional certification, such as CA, CGEIT, CIA, CIPP, CIPT, CISA, CISM, CISSP, SSCP, and CRISC.(Note: Candidates without requisite professional certification will be considered but will be required to show proof of passing the certification exam within one year of accepting an offer.)
• Leadership as well as proven project management skills
• Capability to multitask and manage multiple clients and assignments simultaneously
• Strategic thinking and ability to influence decision-making processes at all levels of an organization
• Ability to translate complex information into business terms for understanding across all levels of an organization
• Excellent written and verbal communication skills for writing reports, client presentations, and project management

Ideally, you will also have experience or familiarity with the following:

• Integrating IT risk program frameworks, methodologies and governance structure with enterprise and operational risk programs or functions
• IT risk metrics design (KPIs/KRIs), risk aggregation and reporting concepts
• Helping our clients measure risk across technology leveraging data
• IT risk assessment methodologies and strategies such as automated risk monitoring, RCSA, and other point-in-time IT reviews across people, process, and technology areas
• IT issues management and applying various risk treatment or risk instrument strategies
• Prior consulting experience with a Big 2+ firm or large financial institution
• Newer technologies and risk topics such as AI/ML, quantum computing, cloud computing, digital currency, etc.
• Prior work experience in and/or familiarity with Financial Services industry

What we look for

We are interested in highly motivated talented individuals with a strong willingness to think outside of the box. You can expect plenty of autonomy in this role, so you will need the motivation to take initiative and seek out opportunities to improve our current relationships and expand our business in the evolving market. If you are serious about consulting and ready to take on some of our clients’ most complex issues, this role is for you.

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.