EY
Cyber Compliance (Vulnerability Management Lead) - Assistant Director
EY, Louisville, Kentucky, us, 40201
Cyber Compliance (Vulnerability Management Lead) - Assistant Director
Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Cyber Compliance (Vulnerability Management Lead) – Assistant Director Ethics, Compliance, and Risk Management (ECRM)
supports our people in managing the risks that arise during our daily working lives. We work closely with all parts of the organization to identify, manage and monitor risk, providing coordinated advice and assistance on independence, conflicts, compliance, regulatory, policy, security issues, as well as dealing with claims and any queries regarding ethics. The opportunity We are operating in an increasingly connected world that is changing how to manage risk. With fast-paced technological advancements, new innovations within emerging technologies, and an ever-challenging regulatory environment, it is business critical for our organization to identify not only the risks but the opportunities these present to us. As an Assistant Director with our Data Protection function, focused on cyber compliance, you will make educated, thoughtful decisions. Our brand depends on it. It’s all part of our long-term commitment to building a better working world and in return, you can expect plenty of opportunities to take on new responsibilities and develop your career.
Your Key Responsibilities Lead operational oversight of our vulnerability management and governance efforts. Ensure vulnerability remediation SLAs are met across the organization. Enhance governance processes and drive continuous improvement in risk reduction practices. Combine program management with a solid understanding of vulnerability management, governance, and stakeholder engagement.
Skills And Attributes For Success Leads Vulnerability Management activities within the Americas Cyber Compliance program. Process Governance & Enablement: Maintain processes to integrate vulnerability governance into business-as-usual operations; Standardize workflows for asset ownership verification, vulnerability prioritization, and remediation tracking. Collaboration: Work with Global IT and Information Security teams to ensure governance policies align with industry best practices and regulatory requirements. Materials & Campaigns: Create and disseminate enablement materials and develop awareness campaigns to promote vulnerability management and compliance. SLA Compliance & Monitoring: Oversee and track enterprise-wide SLA compliance for vulnerability remediation; analyze trends and address gaps with asset owners; escalate risks as needed. Reporting: Design, maintain, and optimize dashboards and reporting mechanisms for executives, asset owners, and security teams. Stakeholder Communication: Develop and deliver clear communications on vulnerability status, risks, and program updates; build relationships with Global IT, Information Security, business units, and leadership. Continuous Improvement: Identify and lead initiatives to increase SLA compliance and improve remediation workflows; stay informed on industry trends and best practices.
To qualify for the role, you must have Strong verbal and written communication skills Solid understanding of relevant firm business and area wide information security issues Strong problem-solving skills Flexibility and the ability to take the initiative Ability to right-size risk Strong research skills Strong project management skills: ability to successfully handle multiple tasks Working knowledge of information systems and common software packages Bachelor’s degree or equivalent work experience; Graduate degree preferred 4-7+ years related experience
Ideally, you’ll have Ability to reference existing firm information security and data protection policies and propose solutions Strong knowledge of global, national, and local data protection laws, regulations, and standards Understanding of high-level information security trends Experience in information security and with information security frameworks (ISO, NIST) Information security certifications (e.g., CISSP, CISM, CISA) Knowledge of Artificial Intelligence and associated risks is preferred
What We Offer You Competitive compensation with a comprehensive benefits package; salary ranges vary by location. EY offers a Total Rewards package including medical and dental coverage, pension and 401(k), and paid time off options. Hybrid work model: most client-facing roles are expected to work in person 40-60% of the time. Flexible vacation policy along with holidays and other leaves to support well-being.
Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, additional information is available. EY focuses on high ethical standards and integrity and expects all candidates to demonstrate these qualities. EY | Building a better working world. EY is committed to equal employment opportunities and provides reasonable accommodation to qualified individuals with disabilities throughout the application process. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. We operate in more than 150 countries and territories.
#J-18808-Ljbffr
Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Cyber Compliance (Vulnerability Management Lead) – Assistant Director Ethics, Compliance, and Risk Management (ECRM)
supports our people in managing the risks that arise during our daily working lives. We work closely with all parts of the organization to identify, manage and monitor risk, providing coordinated advice and assistance on independence, conflicts, compliance, regulatory, policy, security issues, as well as dealing with claims and any queries regarding ethics. The opportunity We are operating in an increasingly connected world that is changing how to manage risk. With fast-paced technological advancements, new innovations within emerging technologies, and an ever-challenging regulatory environment, it is business critical for our organization to identify not only the risks but the opportunities these present to us. As an Assistant Director with our Data Protection function, focused on cyber compliance, you will make educated, thoughtful decisions. Our brand depends on it. It’s all part of our long-term commitment to building a better working world and in return, you can expect plenty of opportunities to take on new responsibilities and develop your career.
Your Key Responsibilities Lead operational oversight of our vulnerability management and governance efforts. Ensure vulnerability remediation SLAs are met across the organization. Enhance governance processes and drive continuous improvement in risk reduction practices. Combine program management with a solid understanding of vulnerability management, governance, and stakeholder engagement.
Skills And Attributes For Success Leads Vulnerability Management activities within the Americas Cyber Compliance program. Process Governance & Enablement: Maintain processes to integrate vulnerability governance into business-as-usual operations; Standardize workflows for asset ownership verification, vulnerability prioritization, and remediation tracking. Collaboration: Work with Global IT and Information Security teams to ensure governance policies align with industry best practices and regulatory requirements. Materials & Campaigns: Create and disseminate enablement materials and develop awareness campaigns to promote vulnerability management and compliance. SLA Compliance & Monitoring: Oversee and track enterprise-wide SLA compliance for vulnerability remediation; analyze trends and address gaps with asset owners; escalate risks as needed. Reporting: Design, maintain, and optimize dashboards and reporting mechanisms for executives, asset owners, and security teams. Stakeholder Communication: Develop and deliver clear communications on vulnerability status, risks, and program updates; build relationships with Global IT, Information Security, business units, and leadership. Continuous Improvement: Identify and lead initiatives to increase SLA compliance and improve remediation workflows; stay informed on industry trends and best practices.
To qualify for the role, you must have Strong verbal and written communication skills Solid understanding of relevant firm business and area wide information security issues Strong problem-solving skills Flexibility and the ability to take the initiative Ability to right-size risk Strong research skills Strong project management skills: ability to successfully handle multiple tasks Working knowledge of information systems and common software packages Bachelor’s degree or equivalent work experience; Graduate degree preferred 4-7+ years related experience
Ideally, you’ll have Ability to reference existing firm information security and data protection policies and propose solutions Strong knowledge of global, national, and local data protection laws, regulations, and standards Understanding of high-level information security trends Experience in information security and with information security frameworks (ISO, NIST) Information security certifications (e.g., CISSP, CISM, CISA) Knowledge of Artificial Intelligence and associated risks is preferred
What We Offer You Competitive compensation with a comprehensive benefits package; salary ranges vary by location. EY offers a Total Rewards package including medical and dental coverage, pension and 401(k), and paid time off options. Hybrid work model: most client-facing roles are expected to work in person 40-60% of the time. Flexible vacation policy along with holidays and other leaves to support well-being.
Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, additional information is available. EY focuses on high ethical standards and integrity and expects all candidates to demonstrate these qualities. EY | Building a better working world. EY is committed to equal employment opportunities and provides reasonable accommodation to qualified individuals with disabilities throughout the application process. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. We operate in more than 150 countries and territories.
#J-18808-Ljbffr