Technology Risk Management Leader for Client Technology

At EY, we’re all in to shape your future with confidence. 

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. 

Join EY and help to build a better working world. 

The opportunity

• The Technology Risk Management (TRM) Leader is responsible for overseeing the technology risks management activities within Client Technology (CT), whose mission is to create distinctive products, platforms and solutions to deliver long-term value to EY clients. 
• The TRM Leader, inside Client Technology:
  • aligns technology risk management with CT’s vision, mission, strategy and priorities, 
  • focuses on technology risks associated with software ideation, design, development, test, deployment and operations, 
  • collaborates with all CT Functions to support them identifying, classifying, prioritizing, assessing, preventing, mitigating, responding, monitoring and reporting technology risks to ensure CT's products, platforms and solutions are secure and compliant with relevant regulations and standards,
  • collaborates with Technology Officers (TOs) to support them in managing technology risks with their respective Service Lines,
  • integrates with the overall Performance Excellence framework and objectives (Performance Metrics and Measurement, Delivery Continuous Improvement, Asset Management, Quality Assurance and Compliance).
• The TRM Leader, outside Client Technology:
  • collaborates with other EY organizations working on risk management, such as Global Risk Management (GRM) for strategic direction on governance, risk, compliance and Infosec (IS) for security management. 
  • more specifically, partners closely with the Technology Assurance Risk and Policy (TARP) team, part of Infosec, to align the global technology risk framework with the CT’s strategy and priorities.
     

Your key responsibilities

• Develop and implement a priority-based approach to manage technology risks related to software products, platforms and solutions managed by CT.
• Facilitate operationalization and maintenance of the technology risk management framework using EY risk framework and industry standard models (e.g., COBIT5, ITIL, NIST) as references.
• Advocate for funding and skilled resources necessary for risk management initiatives. 
• Work collaboratively with a team of technology risk professionals, both inside and outside CT.
• Support and sponsor the integration of technology risk best practices into CT processes.
• Support and sponsor audit pipeline and onboarding.
• Monitor emerging technology risks (e.g. risks arising from using AI technologies).
• Foster compliance with relevant regulations, standards, and internal policies.
• Act as the change agent in the identification and execution of technology risk-related initiatives.
• Monitor and report on the effectiveness of technology risk management activities and controls.
• Provide guidance and support to CT’s sub-functions on technology risk management matters.
• Keep up with the latest developments in technology risk management, cybersecurity and data privacy.
   

Skills and attributes for success

• Bachelor's Degree in Computer Science, Management Information Systems, Risk Management, or a related field. A Master's degree is preferred.
• A minimum of 10 years of experience in technology risk management, cybersecurity and data privacy or a related field. 
• Strong knowledge and hands-on experience with technology risk management frameworks and standards (e.g., ISACA/COBIT, ITIL, NIST, ISO/IEC 27000, 31000 & 22301, ISQM).
• Strong stakeholder engagement and management capabilities. Comfortable interacting professionally with all levels of management and subject matter experts, able to build strong working relationships across multiple departments/functions and collaborate effectively.
• Excellent project management skills and the ability to manage multiple projects simultaneously across a widely dispersed group of stakeholders.
• Strong analytical and problem-solving skills.
• Excellent communication, influencing and interpersonal skills.
• Relevant certifications (e.g. CISA, CISSP, CRISC, CISM, CPA, CIA, PMP, AWS, CIPP, CIPT, CRM) are preferred.
• The Technology Risk Management Leader will report to the CT Performance Excellence Leader.
• This role requires occasional travel to company locations across the world.
   

What we look for

A self-starter, independent-thinker, curious and creative person with ambition and passion

What we offer you

At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more.  

Are you ready to shape your future with confidence? Apply today.   

To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability-related adjustments or accommodations you may need.  

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.