Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Engaged Employer

Ernst & Young

Compare

3.4

based on 10.5k Reviews

Video summary

1 Ernst & Young Risk and Compliance Consultant Job

Cyber Risk and Compliance Consultant - Senior

Ernst Young

3.4

based on 10.5k Reviews

3-8 years

Thiruvananthapuram

1 vacancy

Cyber Risk and Compliance Consultant - Senior

Ernst & Young

posted 11d ago

Job Role Insights

Flexible timing

Key skills for the job

Quality Assurance Consulting Auditing Information Technology Risk Management ISO 27001 Lead Auditor

+ 4 more

Job Description

Cyber Risk and Compliance Consultant - Senior

The opportunity
This is a role where no two days are the same - so you ll find yourself taking on plenty of new responsibilities as you go. You ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development.

Your key responsibilities
As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching.

Skills and attributes for success

To qualify for the role, you must have

Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas
Evidence of self-motivation to continuously develop in the areas of cybersecurity
Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines
Ability to translate security issues into business risks
Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels
Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies
Experience, knowledge and strong interest in information and cyber security domains are essential for this role
Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies
Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security
Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc.
Experience in data classification exercises and controls / mechanisms enforcement
Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc.
Ability to conduct Security regulatory and compliance assessment independently
Hands on with assessment report preparation and presenting to senior technical and business stakeholders
Hand on knowledge of excel, PowerPoint and word
Articulative and confident in presentation to senior stakeholders
Ability to lead workstreams or dedicated portions of projects
Cyber maturity assessments, recommendations, roadmap and strategy creation
knowledge of use of and risks related to modern and emerging technologies
Cybersecurity audit
Ability to plan and deliver cyber security training and awareness

Ideally, you ll also have

Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable
Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements
Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards
Security-related vendor / technology certifications are desirable