EMEIA Technology Risk Leader

at  EY

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust.
Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.

SKILLS AND ATTRIBUTES FOR SUCCESS

• Insight into the business advantages of good risk management and internal controls beyond compliance purposes.
• Proven ability to manage multiple projects and meet deadlines in a fast-paced and changing environment.
• Skilled in executive level presentations and briefings.
• Demonstrated leadership, negotiation and collaboration skills, and ability to influence up and down.

YOUR KEY RESPONSIBILITIES

The role is focused on identifying, evaluating, and mitigating technology risks in the EMEIA area through direct consultation and reports to the Technology Risk Consulting Lead. Key responsibilities include managing the delivery of TARP service offerings, building strong stakeholder relationships, and serving as the escalation point for technology risks. The position involves coordinating risk assessments using TARP methodology, developing and implementing risk management strategies, and ensuring compliance with regulations. Collaboration with various departments is essential to tailor risk mitigation strategies to specific regional needs, involving understanding their technology dependencies and threats. The role also includes leading educational initiatives on technology risks, regularly reporting to senior management on risk status and mitigation efforts, and staying abreast of the latest trends in technology and risk to continually refine the firm’s strategies and policies.

TO QUALIFY FOR THE ROLE YOU MUST HAVE

• A minimum of 10 years’ experience in the field of Technology Risk Management and/or a similar field in Information Security capability.
• An advanced degree in Computer Science, Information Security or a related discipline, or equivalent work experience.
• Proficiency in policy frameworks such as ISO & COBIT.
• Strong English language skills: excellent writing, presentation, interpersonal, and communication skills are required.
• A minimum of 10 years of experience in managing senior or managerial staff in areas of Governance, Risk, and Compliance (GRC)