EY Risk _ TPRM Non FSO, Senior in Bangalore, India

Risk _ TPRM Non FSO, Senior

Advisory

Requisition # BEN0044P

Post Date 5 days ago

Third Party Risk Management (TPRM) – Senior (42/1-3)

Job purpose:

Senior in the Risk Advisory team to work on various TPRM projects for our customers across the globe.

You will be responsible for delivering on accounts in accordance with EY quality guidelines & methodologies. You will need to execute and coordinate on accounts and relationships on a day-to-day basis and explore new business opportunities for the firm. Establishing, strengthening and nurturing relationships with clients and internally across service lines and proactively will also be a part of your day-to-day activities. You will assist in developing new methodologies and internal initiatives, and help in creating a positive learning culture by coaching, counselling and developing junior team members.

In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, by reviewing the work provided by junior members.

Your client responsibilities:

  • Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues.

  • Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations

  • Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients

  • Assist Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & assisting in proposal preparation.

  • Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies.

  • Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership.

  • Plan & deliver on client engagements. Provide regular status updates on engagements and work products.

  • Demonstrate strong project management skills

  • Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business.

  • Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices)

  • Review status updates and prepare management presentations/audit committee presentations etc.

  • Actively contribute to improving operational efficiency on projects & internal initiatives.

Your people responsibilities:

  • Display teamwork and integrity. Work with team members to meet committed timelines and quality on engagements

  • Driving the quality culture agenda at GDS

  • Manage the performance management for the direct reportees, as per the organization policies

  • Training and mentoring of project resources

  • Participating in the organization-wide people initiatives

Mandatory skills:

  • Strong knowledge of information security concepts, risk and controls concepts

  • Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc.

  • Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.

  • Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts

  • Strong knowledge of OS (Windows / Linux) security, Database security

  • Sound familiarity with OWASP and Secure SDLC standards / frameworks

  • Good knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.)

  • Good knowledge of Security architecture design and review

  • Good experience in LAN/WAN architectures and reviews

  • Good knowledge on Privacy, Governance and reporting

  • Good knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.)

  • Knowledge of incident management, disaster recovery and business continuity management

  • Knowledge of Cryptography

  • Knowledge of physical and environmental security

  • Knowledge of Asset Security and Identity and Access Management

  • One or more certifications such as CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer

  • Business Continuity Plans & Disaster Recovery (BCP/DR) - Conducting business Impact Analysis, Identify controls, Develop recovery strategy, plan testing, training and user awareness, and plan review and maintenance for development of effective business continuity management solutions

  • BE/BTech/MCA with a sound industry experience of 4 to 7 Yrs

Preferred skills:

  • Strong domain experience in a specific sector

  • Prior Client facing experience