Non-FS Third-Party Risk Management Consultant

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Staff Cybersecurity Analyst    

- 1-2 Years experience in Third Party Risk Management, Risk and Compliance and Information Security Management System.

Has knowledge and understanding with different international frameworks such as but not limited to ISO27001, SOC Audit Report (SOC 1 Type I, SOC 1 Type II, SOC 2 Type I, SOC 2 Type II and SOC 3), HIPAA, PCI-DSS, etc. that covers the following security domains.
1. Cybersecurity Program / Information Security Policy and Procedures
2. Cybersecurity Risk Management
3. Cybersecurity Threat Intelligence
4. Human Resource Security
5. Asset Management
6. Access Control
7. Physical & Environmental Security 
8. Network and Communication Management  (e.g. Network boundaries, Network & Security hardening, Encryption, Antivirus/Antimalware, Endpoint protection, Firewall, etc.)
9. Development or Enhancement of Technology Assets, Software Development Lifecycle and Change Management
10. Cybersecurity Operation (Vulnerability Management, Patch Management, Penetration Testing, Secure Logging & Monitoring, System Hardening Standards, etc.)
11. Cybersecurity Incident Management
12. Business Continuity, Disaster recovery, Backup and Recovery
13. Information classification and Information disposal and reuse, Data Protection, Data Privacy, Cloud Security, Encryption/Cryptographical controls, etc.
14. Sub-service Provider
15. Artificial Intelligence"

Requirements:

- Has experience in completing Inherent Risk Assessments and Third Party Risk Assessment
- Has good communication skills and capable to manage multiple calls with clients and business owner with different nationalities
- Has experience in managing client driven assessments and deadlines
- Proficient in English both written and verbal
- Able to work under pressure and with minimal supervision
- Flexible to meet client demands
- Takes accountability and ownership of his assigned tasks
- Willing to work during client hours (EST and MST time zone) - this would be between 7pm to 4pm or 9pm-6am

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.