EY GDS Risk Advisory - Cybersecurity Third Party Security Risk Management Associate Consultant in All, Philippines
Title: GDS Risk Advisory - Cybersecurity Third Party Security Risk Management Associate Consultant
Location: PH-All-Taguig City
Job Number: TAG0001V
The Cybersecurity Transformation Consultants have primary responsibilities in driving EY’s Third Party Security Risk Management programs, including but not limited to the following: Assessment, Governance, Mitigating Controls and Methodologies. Candidates are expected to work actively on customer projects, which involve a wide range of activities in the areas mentioned.
Your key responsibilities
• Engage in Cyber Transformation projects and work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on the engagement’s progress
• Review working papers and client folders. Suggest ideas on improving engagement productivity and identify opportunities for improving client service
• Manage the engagement budgets and support the development of marketing collateral, business proposals and new solutions / methodologies
• Perform Information Security Risk Management for Critical, High, and Moderate rated third party providers
• Design and implement methodology to consolidate and manage vendor inventory, classifications, concentration risk and other key risk indicators
• Advise clients on IT security issues, including explaining the technical details and how they can remediate the vulnerabilities in the systems
• Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
Skills and attributes for success
• Proven knowledge of cyber / information security concepts
• Experience in vendor security risk management (Risk Assessment, Risk Governance, Mitigation Controls, Risk Methodologies)
• Good familiarity with regulatory standards and frameworks such as ISO 27001/2, ISO 22301, ISO 27018, PCI DSS, NIST standards on Cyber Security, HITRUST, FISMA, HIPAA, MAS, ITIL, COBIT etc.
• Proven knowledge and experience with technical requirements gathering, verification/validation planning, compliance assessment and reporting
• Certifications: ISO 27001 Lead Auditor and Lead Implementer
To qualify for the role you must have
• Bachelor's Degree
• 1-3 years' relevant work experience
• Must be amenable to working in McKinley Hill, Taguig and/or Makati and/or Ortigas
What working at EY offers
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.