GDS Consulting FS Third-Party Risk Management Senior Consultant
Taguig, PH, 1634
EY
Mit unseren vier integrierten Geschäftsbereichen — Wirtschaftsprüfung und prüfungsnahe Dienstleistungen, Steuerberatung, Unternehmensberatung und Strategy and Transactions — sowie unserem Branchenwissen unterstützen wir unsere Mandanten dabei,...At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
FS Risk Third Party Risk Management (TPRM) – Senior Consultant
Senior in the Risk Consulting team to work on various Third Party Risk Management projects for our customers across the globe.
You will be responsible for delivering on accounts in accordance with EY quality guidelines & methodologies. You will need to execute and coordinate on accounts and relationships on a day-to-day basis and explore new business opportunities for the firm. Establishing, strengthening and nurturing relationships with clients and internally across service lines and proactively will also be a part of your day-to-day activities. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members.
In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, by reviewing the work provided by junior members.
The opportunity
We’re looking for Seniors with expertise in TPRM to join our TPRM Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.
Your key responsibilities
• Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues.
• Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations
• Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients
• Assist in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & assisting in proposal preparation.
• Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies.
• Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership.
• Plan & deliver on client engagements. Provide regular status updates on engagements and work products.
• Demonstrate strong project management skills
• Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business.
• Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices)
• Review status updates and prepare management presentations/audit committee presentations etc.
• Actively contribute to improving operational efficiency on projects & internal initiatives.
Skills and attributes for success
• Display teamwork and integrity. Work with team members to meet committed timelines and quality on engagements
• Driving the quality culture agenda at GDS
• Manage the performance management for the direct reportees, as per the organization policies
• Training and mentoring of project resources
• Participating in the organization-wide people initiatives
To qualify for the role, you must have
• Excellent verbal and written communication skills; especially centered around translation of business requirements to technical requirements
• Translate requirements into program enhancements
• Strong knowledge of information security concepts, risk and controls concepts
• Continually reassess the operational risks associated with Third Party Risk Management and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices and the impact of new technology
• Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc.
• Ensure that Third Party Risk Management activities and actions are in accordance with all relevant policies and procedures as contained in the Group Instruction Manual (GSM & FIMs) and Regional Third-Party Risk Management Procedures
• Address questions raised by stakeholders with regards to ongoing third-party management, new third party relationships, and policy queries. Follow up on due diligence activities required by policy for Approved Supplier
• Contribute to developing/ reviewing policies/ standards for addressing various open risks in the TPM domain
• Identify risk and opportunities for the benefit of the organization and in alignment with Global Third-Party Management strategy
• Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
• Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts
• Strong knowledge of OS (Windows / Linux) security, Database security
• Sound familiarity with OWASP and Secure SDLC standards / frameworks
• Good knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.)
• Good knowledge of Security architecture design and review
• Good experience in LAN/WAN architectures and reviews
• Good knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.)
• Good Knowledge of incident management, disaster recovery and business continuity management, Cryptography, physical and environmental security, Asset Security and Identity and Access Management, Privacy, Governance, cloud security, and reporting
• Good experience on of various assessment types (e.g., risk assessment / vendor security assessment, risk management and controls review, audits, gap analysis, regulatory compliance review, ISO 27001 readiness, IT Policy review, cloud security assessments)
• One or more certifications such as CISSP, CISA, CISM, CRISC, CEH, ISO 27001 Lead Auditor and Lead Implementer
• Business Continuity Plans & Disaster Recovery (BCP/DR) - Conducting business Impact Analysis, identify controls, Develop recovery strategy, plan testing, training and user awareness, and plan review and maintenance for development of effective business continuity management solutions
• BE/BTech/MCA with a sound industry experience of 4 to 7 Yrs.
Ideally, you’ll also have
• Deep domain experience in a specific sector
• Prior Client facing experience
What we look for
We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
What working at EY offers
At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you
About EY
As a global leader in assurance, tax, Strategy & transactions and Consulting services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.
Apply now
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CEH CISA CISM CISSP Cloud Compliance CRISC Cryptography Finance Firewalls FISMA Governance GSM HIPAA HITRUST IAM IDS IPS ISO 22301 ISO 27001 IT infrastructure Linux OWASP Privacy Risk assessment Risk management SDLC Security assessment Strategy TCP/IP Windows
Perks/benefits: Career development Startup environment Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.