EY GDS Risk Advisory - Risk Transformation Manager in All, Philippines

Title: GDS Risk Advisory - Risk Transformation Manager

Location: PH-All-Taguig City

Job Number: TAG0002D

Every challenge and every opportunity an organization faces today demands change. And with change comes risk. Some risks you can see, some you can predict, some you can plan for, and some you can’t.

Organizations are not created to manage risk; they are created to generate value as part of a broader aspirational purpose. That purpose is achieved through a series of strategic business decisions that require taking risks — these risks impact business performance. Organizations that identify, manage and respond to these risks well are positioned to grow and remain successful.

Our understanding of the issues around risk — the risks you can see as well as the ones you can’t — inspire us to ask better questions. By working globally with organizations, we can create innovative answers that help enhance and accelerate business performance.

Transforming the way they manage risk requires business to challenge the way they think about, identify, manage, and, respond to it. Organizations need to look beyond manageable risks (financial, operational, regulatory), better align their risk and business objectives, improve coordination and alignment of risk activities across the organization, and more effectively leverage technology so that they can better respond to their different risks.

Together, we can help deliver better outcomes and long-lasting results, from strategy to execution.

The Opportunity

As organizations look to leverage the advantage IT offers, we’ll work with you to develop the consultancy and analytical skills that you’ll need in today’s environment. Working on projects that cross borders and sectors, the experiences you gain here will be more valuable than anywhere else. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

By joining our Risk Transformation Team, you will help us deliver world-class service and work as part of diverse talent pools across borders in a way that strengthens us globally and empowers us locally.

Your key responsibilities

The Risk Transformation Manager will provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement.

You will brief the engagement team on the client's IT environment and industry IT trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations.

You will use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients.


Skills and attributes for success

  • Expertise in IT SOX compliance, Proficiency in General IT Controls, Business Continuity management, SAP testing, applications controls and performing SAS70 Reviews

  • 3rd party of vendor Risk management , VRM experience

  • IT strategy consulting services - IT strategy reviews and assistance in implementation of a value governance framework

  • Assisting in application security assessments, business cycle controls (BCCs) review, general computer controls (GCCs), Segregation of duties analysis

  • Security policy and procedure development in alignment with business needs

  • Service Delivery - Engagement planning, management, client report review and delivering client presentations

  • Knowledge Management- Developing work programs and methodologies to build specific competency and enhance value proposition

  • Team Building - Knowledge sharing, training, motivating and development of team members

  • Defining and performing Audit procedures to assess if any identified deficiencies in the application were exploited

  • Using various standards like - (ISO 27001, PCI DSS, SSAE16, HIPAA )

  • Assessing the application security , Documenting , Business cycle controls (BCCs) review, general computer controls (GCCs) in Third Party Risk management

To qualify for the role, you must have:

  • Bachelor's Degree

  • 7-10 years work experience in related field

  • You must be amenable to work in McKinley Hill, Taguig and/or Makati City