• Job Description

  Req#: 1449436

  Supplier Risk Assurance Analyst – Senior Associate

  EY Technology:

  Global Information Security (Info Sec) – Our mission is to protect and enable the Firm to confidently utilize technology enabled products and services to help the Firm to build a better working world for our clients and Firm. We use leading practices, latest generation technology, and hire most qualified people to detect, respond, and mitigate cyber risk and to enable the Firm to move at the speed of business.

  The opportunity

  The Supplier Risk Assurance program evaluates and monitors information security risk associated with the Firm’s use of third party technology suppliers. We measure risk against Firm security controls, industry standards, regulations and laws, and EY business practices. We then advise our engagement and project managers, our procurement team, and our Legal teams in the recommended treatment of the risk assessment conclusions.

  In a working world where there is an increasing reliance on third party provided products and services the role offers interaction with some of the most interesting and important technology related activities of the Firm across the spectrum of services offered.

  This role is an important and very visible contributor offering highly valued and critical services within a highly collaborative team environment. A more exciting challenge is difficult to find!

  Your key responsibilities

  The person chosen will conduct inherent risk assessments, supplier research, reporting, data analytics, communications with our stakeholders, and other required tasks associated with the execution of the Supplier Risk Assurance mission.

  Skills and attributes for success

  • Well-developed and creative analytic abilities to synthesize technical data, project related information, interview and survey results, and other information to inform risk decisions.
  • Ability to manage and deliver on multiple and shifting priorities to provide high quality, timely, and effective service to our customers.
  • Advanced interpersonal skills to engage and collaborate with multiple internal and external stakeholders within a matrixed and global organization.
  • Highly developed communications skills, both oral and written in the English language
  • Must be able to rapidly learn a complex business process that involves acquisition of knowledge and familiarity with related regulations, EY Policies and Standards, and international standards such as ISO 27001:2013, SOC 2, HITRUST, and PCI-DSS.
  • Ability to manage projects and complex sets of tasks independently and supervising junior resources.

  To qualify for the role you must have:

  • Bachelor level or higher degree in computer science or related discipline such as engineering or an equivalent in experience (minimum of 3 years in a related function)
  • Two to three years of experience in any of the following: information security, IT risk management, internal audit, IT process and analytics, or compliance
  • Experience working with Information Security controls such as ISO27001:2013, NIST, or SOC.
  • Experience leading small to moderate sized projects.

  Ideally, you’ll also have

  • Certifications such as the Certified Information Systems Security Professional (CISSP), Global Security Essentials Certification (GSEC), or Certified in Risk and Information Systems Control (CRISC).
  • Good working knowledge of data analytic methods and tools, including but not limited to Spotfire, and Microsoft Excel. Good knowledge and skills with Microsoft Office and Sharepoint.
  • Experience, skills, or education in Information Security technical areas.

  What we look for

  The ideal candidate will enjoy the challenge of rapid acquisition of knowledge and have the skills and determination to join a high performing team. We are looking for someone who is agile, flexible, serious about providing top flight service to our customers, and above all a great team member.

  What working at EY offers

  We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development.

  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that’s right for you

  EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

  About EY

  As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

  If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

  #ExperiencedEY

• About the company

  EY provides consulting, assurance, tax and transaction services that help solve our client’s toughest challenges and build a better working world for all.

Notice