Risk Consulting - TPRM - Manager

Location: Ernākulam

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY-Digital Risk – Third Party Risk Management

At EY, we're all in to shape your future with confidence.

Join EY and help to build a better working world.

As part of our Risk Consulting, you will be joining the Digital Risk Consulting Team.

The opportunity

We're looking for Manager with expertise in Third Party Risk Management and IT Audit to support our clients across a range of Third Party Risk Management (TPRM) issues and challenges and enable our clients to better manage the broad range of risks in their increasingly complex supply chains. Working with team, you will also perform IT Risk assessment, IT Governance review, Cybersecurity and BCM audits.

This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.

Your

Key Responsibilities

Champion the use of emerging technologies (e.g., AI, automation, continuous monitoring platforms) to enhance TPRM capabilities.
Design TPRM framework, operating model, methodology and procedures
Implement TPRM process for client and manage the assessment lifecycle as per the design
Perform assessment with vendors across the IT, Cybersecurity, BCM and Data Privacy domains.
Prepare reports and present the status to EY engagement leadership and client project management
Ensure team members are executing the assessment to minimum expected quality
Conduct Meetings, IT security revies, IT internal control testing, develop IT internal audit plans, conduct IT audit closure meetings and provide other IT internal audit services for the MENA stakeholders.
Prepare audit plans and risk control metrices
Assess the client's current state IT and Cybersecurity internal controls for the client's environment and identify risks and subsequent recommendations.
Deliver exceptional client service experience while advising on complex process issues
Provide subject matter guidance on evolving regulatory frameworks (e.g., DORA, NCA framework, SAMA framework) and their impact on third-party ecosystems.
Managing a portfolio of TPRM engagements with our clients, responsible for the day-to-day running of the engagements including meeting quality, time and budget targets
Drive the design and implementation of scalable TPRM operating models and tooling (e.g., Service Now VRM, Archer, Process Unity).
Create a positive team environment and provide coaching and support for junior staff

Skills And Attributes For Success

Experience conducting third party risk assessments against global/MENA specific standards/regulations
Expertise in IT/Info Sec internal control testing, Cybersecurity and Business Continuity Management (BCM) audits
Able to manage Senior stakeholders in the audit domain.
Experience in leading teams to execute IT audit/Risk Management, Cybersecurity and BCM audits within stipulated timeline along with high quality deliverables.
Excellent communication and stakeholder management skills.

To qualify for the role, you must have

Project experience and client knowledge gained from professional practice across a number of TPRM engagements, including aspects of Compliance, IT Risk Management, Cyber, Resilience, and Privacy.
Excellent understanding of National and International Security Standards (e.g., NIST, ISO
27001), reporting standards (e.g., SOC/ISAE), and privacy or TPRM regulations, such as UK Data Protection Act, GDPR, DORA, NCA ECC, SAMA Framework..etc.
Willingness to travel
Excellent written and verbal communication skills for report writing, client presentations, and project management
At least 7 years of relevant experience (desirably within resilience, cyber, or TPRM). Preferably with experience in a consulting role in a leading consultancy firm.
Proven track record of delivering complex, multi-stakeholder programmes in regulated industries
Excellent communication skills with consulting…