This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

The Land of Lincoln is hiring! New job offers every day

To post a job, login or create an account |  Post a Job

FSO Technology Risk Senior – Cyber Risk

Ernst & Young

This is a Full-time position in Chicago, IL posted November 8, 2021.

The opportunity  

Our Integrated Cyber Risk team, a competency within the FSO Cyber and Technology Risk practice, provides financial services clients with an innovative and comprehensive approach for managing cyber and technology risks across their organization.

With the ever-increasing risks for conducting business in a globally connected economy, and the rapid evolution of related threats, companies are turning to EY to understand, assess and prioritize risks as well as the related actions.

EY has been recognized by multiple organizations as a leader in the cybersecurity space.

In addition, our clients rely on EY to help transform their cyber programs, while driving business performance.

Our team works collaboratively across the various FSO competencies and the EY global network to provide comprehensive and insightful services to our clients.

Our Cyber Risk Team competencies include cyber risk management, cyber and IT regulatory risk, cyber resiliency, cyber analytics and privacy.   

Your key responsibilities   

On a typical day, you will work with your engagement team and the client to execute engagements that help our clients measure the effectiveness of their cybersecurity and privacy programs; assess the cybersecurity risk of a client; evaluate the maturity of a security program and perform benchmarking against its peers; test the effectiveness of cyber controls; assist clients with complying with the various cyber regulations; and help implement new cyber control processes and tools to perform more effective cyber risk management.

You will also lead client meetings, prepare workpaper documentation, create and deliver presentations and provide coaching to your junior team members.

We’ll look to you to stay abreast of current cyber regulations and industry practices, as well as to display teamwork, integrity and leadership to support and value your team’s contributions and foster innovation.   

Skills and attributes for success   

You will be expected to demonstrate in-depth technical capabilities, financial services industry knowledge and professional knowledge; establish relationships with client personnel; and possess good business acumen.

Teaming and working with clients to analyze, evaluate and enhance their cybersecurity program and related processes will be critical for success.

As a Senior, you will be expected to: 

  • Collaborate with other members of the engagement team to plan the engagement and develop work programs and execution enablers, including approach, tasks, timelines, and budgets 
  • Serve as a fieldwork leader by directing the daily progress of fieldwork, informing management of engagement status and supervising and mentoring staff performance 
  • Possess a well-rounded understanding of general security concepts and methods such as identity and access management, threat and vulnerability management, data classification, incident response, security policy creation, enterprise security strategies, privacy, architectures and governance 
  • Leverage knowledge of the current cyber/IT landscape and financial services industry cyber/IT trends to identify the engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations 
  • Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services 
  • Be able to interface with client stakeholders and subject-matter resources who  own cybersecurity processes and controls such as information security governance, risk management, security operations and monitoring, threat intelligence, business continuity, incident response, privacy and third-party risk management. 

To qualify for the role, you must have 

  • A bachelor’s degree in business, accounting, finance, computer science, information systems or a related discipline and three years of related work experience 
  • A minimum of two years of experience working as a cybersecurity practitioner, cyber/IT auditor or cyber/IT risk advisor for a public accounting firm, a professional services firm or financial services company, or comparable experience as an advisor to a financial services company 
  • Experience with at least one of the following types of work related to cybersecurity and technology: a) assessments b) risk management c) compliance and regulations and/or d) internal audit 
  • Working knowledge of industry standards (ISO 27001, NIST 800 series), frameworks (NIST Cybersecurity Framework, FFIEC Cybersecurity Assessment Tool) and regulations (GLBA, FFIEC, NY-DFS, SEC, NFA, FDIC). 
  • Familiarization with Financial Services Industry Groups such as SIFMA, NAIC and AIMA 
  • Availability to travel outside of your assigned office location up to 50% of the time.

    Successful candidates must work in excess of standard hours when necessary.

    A valid passport is required. 

Ideally, you’ll also have 

  • A master’s degree in information systems, computer science, business, accounting, finance or a related discipline 
  • CA, CGEIT, CIA, CISA, CISM, CISSP, CMA, CPA or CRISC certification.

    Non-certified hires are required to become certified to be eligible for promotion to Manager 

  • Excellent leadership, teamwork and client service skills 
  • Strong written and verbal communication skills and presentation skills