Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Engaged Employer

Ernst & Young

Compare

3.4

based on 10.4k Reviews

2049 Ernst & Young Jobs

FS-Risk Management -Senior-ITRM

Ernst Young

3.4

based on 10.4k Reviews

3-5 years

Hyderabad / Secunderabad

1 vacancy

FS-Risk Management -Senior-ITRM

Ernst & Young

posted 45min ago

Job Role Insights

Flexible timing

Key skills for the job

Auditing Information Technology Payroll Information Security CCTV Monitoring Data Collection

+ 1 more

Job Description

Department/Area Function

Information Technology (IT) Risk Management program is designed to identify, manage, measure, and mitigate risks in all IT Capabilities.

Maintaining and enhancing IT risk management framework. The framework is comprised of tools and processes to help

Identify new risks, changes in risk, or relationships between risks
Monitor and escalate key matters of risk and control.

Support IT management in maintaining a complete and accurate Process, Risk, and Control library
Formulating, disseminating, and administering IT risk management policy and procedures.
Providing risk and control consultation and evaluations of control effectiveness to support/ evidence management awareness of the effectiveness of the control environment (i.e., assist management in issue self-identification)

Liaising with Technology Risk, Information Security, Technology Centers of Excellence and with other subject matter experts within the organization to ensure that risks and appropriate mitigants are identified and communicated throughout the organization.

Position Summary

The incumbent has primary responsibility of executing control testing, leading discussions, maintaining relationships with key stakeholders, and support targeted IT risk assessments (where applicable). The incumbent will execute and support day-to-day IT risk management activities (such as risk and controls assessments), manage deadlines and stakeholder expectations, and lead or participate in projects within assigned areas of responsibility. In carrying these responsibilities, the incumbent must work collaboratively with the IT Risk Management team, other risk control functions, as well as with IT line management.

Principal Responsibilities

Support efforts to identify and manage risk within assigned area(s) of responsibility.
Develop and strengthen relationships with IT partners and control evaluation functions across the 3 lines of defense
Develop, communicate, and ensure adherence to department risk policies, procedures and best practices.
Demonstrate and embed the behaviors and competencies that create a risk management mindset in your organization; a=
Support, and eventually lead, risk management activities including review of policy and procedure documents for alignment with controls, incorporation of changes, etc.
Become a central point of contact for risk and compliance items throughout the AES organization.
Gathering, preparing, and reviewing inputs into reporting (e.g., risk treatment, risk profiles, inherent risk assessments)
Ability to work as a team lead within the IT Risk Management (ITRM) projects.
Work back with the project team to maintain transparency in communication, highlight risks and share mitigation plan.
Develop and maintain productive working relationships with client personnel.
Planning and monitoring of the project deliverables for the team
Mentor the project team in executing the project deliverables and report status to the Project leaders/sponsors.

Incumbent will also be consistently responsible for facilitating the

Tracking and escalation of compliance items included on the IT Risk Control Report/ Dashboard
Issue and action closure facilitation including meeting coordination, evidence gathering and review, documentation preparation and review.
Control evaluations performed by audit and/or management control testing functions as well as regulatory exams to gather, review, and prepare required evidence.

Experience

3-5 years of experience in the field of IT Security / Information Security / Cyber Security.
Experience in working with IT Risk Management frameworks to identify, analyze, mitigate, monitor, and communicate IT risks.
Experience in conducting IT controls validation and testing and identifying control deficiencies.
Leading discussions with key stakeholders and staff to collect information requests. Familiarity with process mapping and control identification along with data collection and analytic skills.

Mandatory Requirements

Comprehensive understanding of IT Processes Risk and Controls or experience in IT Audits and IT General Controls.
Conduct risk assessments for IT process, applications, network infrastructure assets.
Draft IT/Cyber risk assessment reports including findings, associated risks, and recommendations.
Well versed with the security design concepts and should be able to drive IT risk management agenda.
Demonstrate flexibility to travel to the customer locations / other EY offices, on need basis.
Provide coverage / overlap during US shift hours, as per the client requirement.
The incumbent would be hired based on Build, Operate and Transfer model and would be transferred to the client payroll, as per the client requirements.

Preferred Requirements

Demonstrated ability to work pro-actively with all levels of management and staff.
Highly motivated, detail-oriented, self-starter, who can set priorities, take initiative and work both independently and proactively in a dynamic team environment.
Excellent inter-personal skills with a highly developed customer service orientation, and ability to work effectively with all levels of internal staff, and external contacts.
Strong planning and project management skills.
Strong process mapping and data collection and analysis skills
Good documentation and communication skills.
Foster teamwork, quality culture and lead by example. Understand and follow workplace policies and procedures.

Education, Training /or Certification

Relevant professional qualifications such as MBA or MCA.
B.E/B.Tech (Electronics, Electronics Telecommunications, Comp. Science)/MBA IT/having experience with other Big3 or paneled IT/ ITES companies.

Relevant professional certifications such as ISO27001 LA, CISA, CISM, CRISC, CISSP, CCSP etc. preferred

Employment Type: Full Time, Permanent

Read full job description

Prepare for Risk Management roles with real interview advice