EY

Cyber Compliance (Vulnerability Management Lead) - Assistant Director

EY, New Orleans, Louisiana, United States, 70123


Overview

Cyber Compliance (Vulnerability Management Lead) - Assistant Director at EY. Location: Anywhere in Country

Your Key Responsibilities

Lead operational oversight of vulnerability management and governance efforts. Ensure vulnerability remediation SLAs are met across the organization and enhance governance processes. Drive continuous improvement in risk reduction practices. Combine strong program management skills with solid understanding of vulnerability management, governance, and stakeholder engagement.

Skills And Attributes For Success

Leads Vulnerability Management activities within the Americas Cyber Compliance program, including but not limited to:

Process Governance & Enablement: Maintain processes to integrate vulnerability governance into business-as-usual operations. Standardize workflows for asset ownership verification, vulnerability prioritization, and remediation tracking. Collaborate with Global IT and Information Security teams to align governance policies with industry best practices and regulatory requirements. Create and disseminate enabler materials (guides, FAQs, process overviews) to improve remediation efficiency. Develop awareness campaigns to promote vulnerability management and compliance.

SLA Compliance & Monitoring: Oversee and track enterprise-wide SLA compliance for vulnerability remediation; analyze trends and address non-compliance with asset owners. Escalate risks related to overdue vulnerabilities to leadership per established protocols. Design, maintain, and optimize dashboards and reporting for executives, asset owners, and security teams.

Stakeholder Communication & Reporting: Deliver clear communications on vulnerability status, risks, and program updates; build strong relationships with IT, security, business units, and leadership. Deliver regular compliance and risk status updates to leadership and stakeholders.

Continuous Improvement: Lead initiatives to increase SLA compliance and improve remediation workflows; stay informed on industry trends and best practices.

Qualifications

To qualify for the role, you must have: Strong verbal and written communication skills; solid understanding of firm business and information security issues; strong problem-solving and initiative. Ability to right-size risk; strong research and project management skills; good working knowledge of information systems and common software packages. Bachelor’s degree or equivalent work experience; Graduate degree preferred. 4-7 plus years related experience.

Ideally, you’ll have

Ability to reference existing firm information security and data protection policies; experience proposing solutions in complex situations. Strong knowledge of global, national, and local data protection laws and standards; familiarity with other risk management initiatives. Understanding of high-level information security trends; experience in information security and with frameworks (ISO, NIST). Information security certification from ISC2 or ISACA (e.g., CISSP, CISM, CISA). Knowledge of artificial intelligence and associated risks is preferred.

What We Offer You

Comprehensive compensation and benefits; salary ranges: $111,100 to $207,800 (US); $133,300 to $236,100 for NYC Metro, WA, and CA (excluding Sacramento). Total Rewards includes medical/dental, pension and 401(k), and paid time off. Hybrid working model; expected in-person collaboration 40-60% of the time for client-facing roles. Flexible vacation policy; additional leaves for holidays, personal/family care, and well-being needs.

Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, please click here for additional information. EY is committed to equal employment opportunities and reasonable accommodations as needed.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Other Professional Services
