EY
Risk Consulting - Cyber Risk - Senior Consultant - Multiple Cities
EY, Mc Lean, Virginia, us, 22107
Risk Consulting - Cyber Risk - Senior Consultant - Multiple Cities (EY)
Join to apply for the
Risk Consulting - Cyber Risk - Senior Consultant - Multiple Cities
role at
EY .
At EY, you’ll have the chance to build a career as unique as you are, with global scale, support, inclusive culture and technology to help you become the best version of yourself. EY is committed to building a better working world.
The opportunity The objective of our consulting risk services is to provide clients with a candid and reliable overview of their risk landscape. For our Cyber Risk services, the ideal candidate will be responsible for identifying, evaluating, and managing cyber risks across the organization. This role involves working closely with IT, security teams, and business units to ensure that our cyber risk posture is aligned with business objectives and regulatory requirements.
Your Key Responsibilities You will operate as a fieldwork leader to assist clients in employing proper information systems, resources, and controls to maximize efficiencies and minimize risk. You will work with client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and assist clients and other Risk Assurance professionals in performing information technology control and security engagements.
Skills And Attributes For Success
Collaborate with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments, and other planning documents. Document business processes dependent on information technology. Serve as a fieldwork leader by directing daily fieldwork progress, informing supervisors of engagement status, and managing staff performance.
Demonstrate a thorough understanding of complex information systems. Use knowledge of the current IT environment and industry IT trends to identify engagement and client service issues. Communicate findings to the engagement team and client management via written and verbal communications. Apply strong project management skills and teamwork to deliver high-quality results.
Conduct comprehensive cyber risk assessments to identify vulnerabilities, threats, and potential impacts.
Develop and implement risk mitigation strategies and controls to protect against cyber threats.
Collaborate with IT and security teams to ensure cybersecurity policies and procedures are up-to-date and effectively implemented.
Monitor the cyber threat landscape and provide timely intelligence to relevant stakeholders.
Facilitate risk management discussions with business leaders to ensure understanding of cyber risk exposure.
Oversee the cyber risk management lifecycle, including risk identification, analysis, response, and monitoring.
Coordinate with external partners to manage and transfer cyber risks where appropriate.
Prepare and present risk reports and dashboards to senior management and the board of directors.
Ensure compliance with laws, regulations, and industry standards related to cybersecurity and data protection.
Conduct training and awareness programs to promote a culture of cybersecurity across the organization.
To qualify for the role you must have
A bachelor’s or master’s degree (Information Technology, Cybersecurity, Risk Management, or related field).
Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
Minimum of 2 years of experience in cybersecurity, risk management, or a related role.
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements.
Proven experience in risk assessment methodologies and tools.
Excellent analytical and problem-solving skills; strong communication and interpersonal skills to convey complex information to non-technical stakeholders.
Ability to work independently and as part of a team in a fast-paced environment.
Ability to travel outside of the assigned office location at least 50% of the time, plus regional commuting; valid passport required.
Ideally, you’ll also have
Bachelor’s or master’s degree in business, accounting, finance, computer science, information systems, engineering, or related field.
CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certifications are desirable; non-certified hires may be required to obtain certification for promotion eligibility.
Cloud certifications such as CCSP, CCSK, CCAK, Microsoft Azure Fundamentals, AWS Cloud Practitioner, Google Cloud Digital Leader, etc.
What We Look For We’re looking for passionate leaders with a clear vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.
What We Offer We offer a comprehensive compensation and benefits package. The salary range for this job in most US locations is $84,400 to $154,700; in New York City Metro Area, Washington State and California (excluding Sacramento) it is $101,300 to $175,800. Total Rewards include medical and dental coverage, pension and 401(k), and generous paid time off. Flexible vacation policy lets you decide how much vacation you need.
Continuous learning
Success as defined by you
Transformative leadership
Diverse and inclusive culture
EY is an equal opportunity employer. If you need accommodation during the application process, please contact EY. For more information, visit EY’s accessibility statements.
Note: This description may include references to internal processes and other roles and is not intended to imply any guarantees about employment or promotions.
#J-18808-Ljbffr
Risk Consulting - Cyber Risk - Senior Consultant - Multiple Cities
role at
EY .
At EY, you’ll have the chance to build a career as unique as you are, with global scale, support, inclusive culture and technology to help you become the best version of yourself. EY is committed to building a better working world.
The opportunity The objective of our consulting risk services is to provide clients with a candid and reliable overview of their risk landscape. For our Cyber Risk services, the ideal candidate will be responsible for identifying, evaluating, and managing cyber risks across the organization. This role involves working closely with IT, security teams, and business units to ensure that our cyber risk posture is aligned with business objectives and regulatory requirements.
Your Key Responsibilities You will operate as a fieldwork leader to assist clients in employing proper information systems, resources, and controls to maximize efficiencies and minimize risk. You will work with client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and assist clients and other Risk Assurance professionals in performing information technology control and security engagements.
Skills And Attributes For Success
Collaborate with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments, and other planning documents. Document business processes dependent on information technology. Serve as a fieldwork leader by directing daily fieldwork progress, informing supervisors of engagement status, and managing staff performance.
Demonstrate a thorough understanding of complex information systems. Use knowledge of the current IT environment and industry IT trends to identify engagement and client service issues. Communicate findings to the engagement team and client management via written and verbal communications. Apply strong project management skills and teamwork to deliver high-quality results.
Conduct comprehensive cyber risk assessments to identify vulnerabilities, threats, and potential impacts.
Develop and implement risk mitigation strategies and controls to protect against cyber threats.
Collaborate with IT and security teams to ensure cybersecurity policies and procedures are up-to-date and effectively implemented.
Monitor the cyber threat landscape and provide timely intelligence to relevant stakeholders.
Facilitate risk management discussions with business leaders to ensure understanding of cyber risk exposure.
Oversee the cyber risk management lifecycle, including risk identification, analysis, response, and monitoring.
Coordinate with external partners to manage and transfer cyber risks where appropriate.
Prepare and present risk reports and dashboards to senior management and the board of directors.
Ensure compliance with laws, regulations, and industry standards related to cybersecurity and data protection.
Conduct training and awareness programs to promote a culture of cybersecurity across the organization.
To qualify for the role you must have
A bachelor’s or master’s degree (Information Technology, Cybersecurity, Risk Management, or related field).
Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
Minimum of 2 years of experience in cybersecurity, risk management, or a related role.
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements.
Proven experience in risk assessment methodologies and tools.
Excellent analytical and problem-solving skills; strong communication and interpersonal skills to convey complex information to non-technical stakeholders.
Ability to work independently and as part of a team in a fast-paced environment.
Ability to travel outside of the assigned office location at least 50% of the time, plus regional commuting; valid passport required.
Ideally, you’ll also have
Bachelor’s or master’s degree in business, accounting, finance, computer science, information systems, engineering, or related field.
CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certifications are desirable; non-certified hires may be required to obtain certification for promotion eligibility.
Cloud certifications such as CCSP, CCSK, CCAK, Microsoft Azure Fundamentals, AWS Cloud Practitioner, Google Cloud Digital Leader, etc.
What We Look For We’re looking for passionate leaders with a clear vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.
What We Offer We offer a comprehensive compensation and benefits package. The salary range for this job in most US locations is $84,400 to $154,700; in New York City Metro Area, Washington State and California (excluding Sacramento) it is $101,300 to $175,800. Total Rewards include medical and dental coverage, pension and 401(k), and generous paid time off. Flexible vacation policy lets you decide how much vacation you need.
Continuous learning
Success as defined by you
Transformative leadership
Diverse and inclusive culture
EY is an equal opportunity employer. If you need accommodation during the application process, please contact EY. For more information, visit EY’s accessibility statements.
Note: This description may include references to internal processes and other roles and is not intended to imply any guarantees about employment or promotions.
#J-18808-Ljbffr