EY GDS Risk Advisory - Cybersecurity Third Party Security Risk Management Associate Consultant in All, Philippines

Title: GDS Risk Advisory - Cybersecurity Third Party Security Risk Management Associate Consultant

Location: PH-All-Taguig City

Job Number: TAG0001V

Job Summary

The Cybersecurity Transformation Consultants have primary responsibilities in driving EY’s Third Party Security Risk Management programs, including but not limited to the following: Assessment, Governance, Mitigating Controls and Methodologies. Candidates are expected to work actively on customer projects, which involve a wide range of activities in the areas mentioned.


Your key responsibilities

• Engage in Cyber Transformation projects and work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on the engagement’s progress

• Review working papers and client folders. Suggest ideas on improving engagement productivity and identify opportunities for improving client service

• Manage the engagement budgets and support the development of marketing collateral, business proposals and new solutions / methodologies

• Perform Information Security Risk Management for Critical, High, and Moderate rated third party providers

• Design and implement methodology to consolidate and manage vendor inventory, classifications, concentration risk and other key risk indicators

• Advise clients on IT security issues, including explaining the technical details and how they can remediate the vulnerabilities in the systems

• Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets

Skills and attributes for success

• Proven knowledge of cyber / information security concepts

• Experience in vendor security risk management (Risk Assessment, Risk Governance, Mitigation Controls, Risk Methodologies)

• Good familiarity with regulatory standards and frameworks such as ISO 27001/2, ISO 22301, ISO 27018, PCI DSS, NIST standards on Cyber Security, HITRUST, FISMA, HIPAA, MAS, ITIL, COBIT etc.

• Proven knowledge and experience with technical requirements gathering, verification/validation planning, compliance assessment and reporting

• Certifications: ISO 27001 Lead Auditor and Lead Implementer

To qualify for the role you must have

• Bachelor's Degree

• 1-3 years' relevant work experience

• Must be amenable to work in McKinley Hill, Taguig and/or Makati and/or Ortigas

What working at EY offers

• Support, coaching and feedback from some of the most engaging colleagues around

• Opportunities to develop new skills and progress your career

• The freedom and flexibility to handle your role in a way that’s right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world.

Apply now.