Risk Consulting - Cloud Risk - Manager

Risk Consulting - Cloud Risk - Manager - Multiple Cities

Join EY, a globally recognized firm focused on high-ethical standards and integrity. Build a career with global scale, inclusive culture, and technology to become your best self. Build an exceptional experience for yourself and a better working world for all.

The objective of our Consulting Risk services is to provide clients with a candid and reliable overview of their risk landscape. Our solutions can be used to build confidence and trust with customers, the market, and, when required, regulatory or contractual frameworks. For our Cloud Risk services, our teams establish fit‑for‑purpose and proactive cloud risk frameworks and oversight capabilities to ensure consistency, transparency, and sustainability of public cloud use across the lines of defense.

You will manage multiple client engagement teams at an executive level within the practice and the firm. You will work with high‑level client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and assist clients and other Risk Assurance professionals in performing information technology control and security engagements.

• Provide guidance and share knowledge with team members, and participate in performing procedures, especially focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement.
• Brief the engagement team on the client's IT environment and industry IT trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations.
• Bring and utilize extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project‑management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services.
• Understand EY and its service lines, and actively assess what the firm can deliver to serve clients.
• Partner with clients on the development and deployment of cloud risk governance frameworks, ensuring alignment with organizational goals and adherence to regulatory standards.
• Lead risk discussions on cloud transformation, including migration from on‑prem.
• Coordinate with technical EY groups on cloud risk monitoring initiatives that employ advanced tools to proactively identify and mitigate risks across various cloud service models and deployments.
• Design robust cloud control mechanisms and, on engagements where independent, evaluate effectiveness in mitigating risks and maintaining compliance.

• A bachelor’s or master’s degree.
• Minimum of 5 years of experience as an IT auditor or IT risk adviser for a public accounting firm, professional services firm, or within industry.
• Significant experience applying relevant technical knowledge in at least one of the following engagements: (a) financial statement audits; (b) internal or operational audits; (c) Service Organization Controls reporting engagements; (d) ERP security and control reviews (Oracle, SAP, People Soft); and/or (e) cloud risk engagements (Azure, AWS, GCP).
• Available to travel outside the assigned office location at least 50% of the time, plus commute within the region. Must work in excess of standard hours when necessary. A valid passport is required.

• A bachelor’s or master’s degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline.
• CPE, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certification is desired; non‑certified candidates must become certified within 1 year of hire.
• Additional cloud‑based certifications to credentialize but not currently…