06 ene
Ey
Xico
**EY GDS Consulting - Non-financial Services **-** Third-Party Risk Management as a Service (TPRaaS) - Senior Manager**
As part of our EY- TPRaaS, you will help clients enhance their business performance by translating their strategies into realities.
Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance.
**The opportunity**
We're looking for Senior Managers with expertise in **Third-Party Risk Management** to join the leadership group of our **EY- TPRaaS team**.
This is a lucrative opportunity to be part of a leading firm while being instrumental in the growth of a new service offering.
**Your key responsibilities**
- **
Manage the delivery of TPRaaS engagements.
**:
- ** Review technology enhancement requirements such as Automation, Data Analytics, AI to support TPRaaS processes.
**:
- ** Manage the design and implementation of TPRaaS operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
**:
- ** Build connect with client stakeholders, understand their business challenges/pain areas, and work with leadership to propose innovative solutions.
**:
- ** Lead process walkthrough discussions to document end-to-end business processes and functional requirements.
**:
- ** Lead the selection and tailoring of approaches, methods, and tools to support project scope.
**:
- **Demonstrate detailed knowledge of market trends, competitor activities, EY products, and service lines.
**:
- ** Generate innovative ideas and challenge the status quo.
**:
- ** Build and nurture positive working relationships with clients to achieve exceptional client service.
**:
- ** Identify opportunities to improve engagement profitability.
**:
- ** Help manage the financial aspects of engagements by organizing staffing, tracking financials, proactive Project management, and tracking of issues.
**:
- **Support leadership to drive business development initiatives and account mining activities.
**:
- ** Build strong internal relationships within EY Consulting Services and with other services across the organization.
**
**Skills and attributes for success**
- **
Develop people through effective coaching and mentoring.
**:
- ** Should cross skill and cross-train the team members as per the business requirements.
**:
- **Conduct performance reviews and contribute to performance feedback.
**:
- ** Contribute to people-related initiatives including recruiting, retaining, appraisal and training**:
- ** Contribute towards building and strengthening team competency for controls transformation, third party assessments, and technology consulting.
**:
- ** Participate in organization-wide people initiatives.
**:
- ** Maintain an educational program to develop skills of team members and self continually.
**
**To qualify for the role, you must have**
- **
8+ years of experience in Risk Management domain across Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures).
**:
- ** Deep understanding of the TPRM/TPraaS framework, Risk Management, Information Security practices.
**:
- ** Experience in TPRM/TPraaS tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer,
ServiceNow, etc.).
**
- **
Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI - DSS, HITRUST, etc.
**:
- **Strong knowledge of privacy regulations such as GDPR, CCPA, etc.
**:
- ** Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
**:
- ** Good understanding of the contract risk review management process.
**:
- ** Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management.
**:
- ** Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.
), Security architecture design and review**:
- **Strong familiarity with OWASP and Secure SDLC standards/frameworks,
anti-virus solutions (e.g., Symantec, McAfee, etc.).
**:
- ** Sound experience in LAN/WAN architectures and reviews.
**:
- ** Strong knowledge of incident management, disaster recovery, and business continuity management, cryptography.
**:
- ** Prior Big-4/consulting experience preferred.
**:
- ** Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer.
**
**Ideally, you'll also have**
- **
Exposure to initiatives to support practice development.
**:
- ** Client interaction chances to tab opportunities for constant growth and improvement.
**:
- ** Support pursuits, client proposals by directly working with the regional partners and senior Senior Managers as required.
**
**What we look for**
- A Team
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.