Non-FS Third-Party Risk Management Consultant

Taguig, PH, 1634

Applications have closed

EY

Mit unseren vier integrierten Geschäftsbereichen — Wirtschaftsprüfung und prüfungsnahe Dienstleistungen, Steuerberatung, Unternehmensberatung und Strategy and Transactions — sowie unserem Branchenwissen unterstützen wir unsere Mandanten dabei,...

View all jobs at EY

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

 

 

Staff Cybersecurity Analyst    

- 1-2 Years experience in Third Party Risk Management, Risk and Compliance and Information Security Management System.

 

Has knowledge and understanding with different international frameworks such as but not limited to ISO27001, SOC Audit Report (SOC 1 Type I, SOC 1 Type II, SOC 2 Type I, SOC 2 Type II and SOC 3), HIPAA, PCI-DSS, etc. that covers the following security domains.
1. Cybersecurity Program / Information Security Policy and Procedures
2. Cybersecurity Risk Management
3. Cybersecurity Threat Intelligence
4. Human Resource Security
5. Asset Management
6. Access Control
7. Physical & Environmental Security 
8. Network and Communication Management  (e.g. Network boundaries, Network & Security hardening, Encryption, Antivirus/Antimalware, Endpoint protection, Firewall, etc.)
9. Development or Enhancement of Technology Assets, Software Development Lifecycle and Change Management
10. Cybersecurity Operation (Vulnerability Management, Patch Management, Penetration Testing, Secure Logging & Monitoring, System Hardening Standards, etc.)
11. Cybersecurity Incident Management
12. Business Continuity, Disaster recovery, Backup and Recovery
13. Information classification and Information disposal and reuse, Data Protection, Data Privacy, Cloud Security, Encryption/Cryptographical controls, etc.
14. Sub-service Provider
15. Artificial Intelligence"

 

Requirements:

- Has experience in completing Inherent Risk Assessments and Third Party Risk Assessment
- Has good communication skills and capable to manage multiple calls with clients and business owner with different nationalities
- Has experience in managing client driven assessments and deadlines
- Proficient in English both written and verbal
- Able to work under pressure and with minimal supervision
- Flexible to meet client demands
- Takes accountability and ownership of his assigned tasks
- Willing to work during client hours (EST and MST time zone) - this would be between 7pm to 4pm or 9pm-6am

 

EY | Building a better working world

 

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

 

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

 

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.  

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  7  1  0

Tags: Antivirus Artificial Intelligence Cloud Compliance Encryption Firewalls HIPAA ISO 27001 Monitoring Pentesting Privacy Risk assessment Risk management SDLC SOC SOC 1 SOC 2 SOC 3 Strategy Threat intelligence Vulnerability management

Perks/benefits: Career development Flex hours

Region: Asia/Pacific
Country: Philippines

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.