EY Technology Risk Management Leader Client 

Poland, Masovian Voivodeship, Zgorzała 

614606721

Technology Risk Management Leader for Client Technology

Hybrid model: 2 days office/3 days remote

The opportunity

• The Technology Risk Management (TRM) Leader is responsible for overseeing the technology risks management activities within Client Technology (CT), whose mission is to create distinctive products, platforms and solutions to deliver long-term value to EY clients.

The TRM Leader, inside Client Technology:

• Aligns technology risk management with CT’s vision, mission, strategy and priorities,
• Focuses on technology risks associated with software ideation, design, development, test, deployment and operations,
• Collaborates with all CT Functions to support them identifying, classifying, prioritizing, assessing, preventing, mitigating, responding, monitoring and reporting technology risks to ensure CT's products, platforms and solutions are secure and compliant with relevant regulations and standards,
• Collaborates with Technology Officers (TOs) to support them in managing technology risks with their respective Service Lines,
• Integrates with the overall Performance Excellence framework and objectives (Performance Metrics and Measurement, Delivery Continuous Improvement, Asset Management, Quality Assurance and Compliance).

The TRM Leader, outside Client Technology:

• Collaborates with other EY organizations working on risk management, such asGlobal Risk Management (GRM)for strategic direction on governance, risk, compliance andInfosec (IS)for security management.
• More specifically, partners closely with theTechnology Assurance Risk and Policy (TARP)team, part of Infosec, to align the global technology risk framework with the CT’s strategy and priorities.

Your key responsibilities

• Develop and implement a priority-based approach to manage technology risks related to software products, platforms and solutions managed by CT.
• Facilitate operationalization and maintenance of the technology risk management framework using EY risk framework and industry standard models (e.g., COBIT5, ITIL, NIST) as references.
• Advocate for funding and skilled resources necessary for risk management initiatives.
• Work collaboratively with a team of technology risk professionals, both inside and outside CT.
• Support and sponsor the integration of technology risk best practices into CT processes.
• Support and sponsor audit pipeline and onboarding.
• Monitor emerging technology risks (e.g. risks arising from using AI technologies).
• Foster compliance with relevant regulations, standards, and internal policies.
• Act as the change agent in the identification and execution of technology risk-related initiatives.
• Monitor and report on the effectiveness of technology risk management activities and controls.
• Provide guidance and support to CT’s sub-functions on technology risk management matters.
• Keep up with the latest developments in technology risk management, cybersecurity and data privacy.

Skills and attributes for success

• Bachelor's Degree in Computer Science, Management Information Systems, Risk Management, or a related field. A Master's degree is preferred.
• A minimum of 10 years of experience in technology risk management, cybersecurity and data privacy or a related field.
• Strong knowledge and hands-on experience with technology risk management frameworks and standards (e.g., ISACA/COBIT, ITIL, NIST, ISO/IEC 27000, 31000 & 22301, ISQM).
• Strong stakeholder engagement and management capabilities. Comfortable interacting professionally with all levels of management and subject matter experts, able to build strong working relationships across multiple departments/functions and collaborate effectively.
• Excellent project management skills and the ability to manage multiple projects simultaneously across a widely dispersed group of stakeholders.
• Strong analytical and problem-solving skills.
• Excellent communication, influencing and interpersonal skills.
• Relevant certifications (e.g. CISA, CISSP, CRISC, CISM, CPA, CIA, PMP, AWS, CIPP, CIPT, CRM) are preferred.
• TheTechnology Risk Management Leaderwill report to theCT Performance Excellence Leader.
• This role requires occasional travel to company locations across the world.

What we look for

• A self-starter, independent-thinker, curious and creative person with ambition and passion

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across ten locations – Argentina, China, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

In compliance with the requirements of the Whistleblower Protection Act, our company has established the Procedure for reporting breaches of law and undertaking appropriate follow-up actions. Any misconduct should be reported through the EY Ethics Hotline.