Ernst & Young LLP ( EY India )

Senior Third-Party Risk Management Specialist

Thiruvananthapuram
Not disclosed
Work from Office
Full Time
Min. 4 years

Job Description

TC - CS - SRCR - TPRM - Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY - Cyber Risk Compliance and Resilience - TPRM Senior

As part of our EY Cyber Risk and Compliance Consulting (CRCR) team, you will contribute technically to Cyber Security client engagements and internal projects. The role involves managing Third-Party Risk Management (TPRM) engagements, ensuring that our clients effectively identify, assess, and mitigate risks associated with third-party relationships. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships.

The opportunity

We are looking for a TPRM Senior with expertise in cyber security, risk management, and security controls testing concepts. This role offers a unique opportunity to contribute to the growth of our TPRM service offering while upholding EY’s commitment to quality and excellence. In line with EY’s commitment to quality, you will confirm that work is of the highest quality as per EY’s quality standards. As an influential member of the team, you will help to create a positive learning culture, coach and counsel junior team members and help them to develop.

Your key responsibilities

To assist in the delivery of third-party risk management engagements. This includes:

  • Risk Assessment and Management: Conduct comprehensive risk assessments of third-party vendors to identify potential risks and vulnerabilities. Draft and explain risk mitigation strategies to minimize exposure to third-party risks.
  • Policy Development and Compliance: Collaborate with stakeholders to develop or update third-party risk management policies and procedures. Ensure compliance with regulatory requirements and internal policies related to third-party engagements.
  • Third Party Due Diligence: Oversee the third-party due diligence process, including cyber, privacy, resiliency and compliance assessments.
  • Cross-Functional Collaboration: Work closely with various departments (e.g., Security, Legal, Compliance, IT) to ensure a holistic approach to third-party risk management. Explain Risk/Findings or other assessment related deliverables to client stakeholders. Facilitate communication and training on third-party risk management best practices across the organization.
  • Reporting and Analytics: Prepare and present regular reports on third-party risk exposure and management activities to client senior leadership. Utilize data analytics to identify trends and areas for improvement in third-party risk management processes.
  • Incident Management: Lead investigations into third-party incidents and breaches, ensuring appropriate corrective actions are taken. Maintain an incident response plan specific to third-party risks.
  • Continuous Improvement: Stay informed about industry trends, emerging risks, and best practices in third-party risk management. Recommend enhancements to the third-party risk management framework based on evolving business needs and regulatory changes.

Skills and attributes for success

  • Cyber Security Skills: Around 5 years of experience with key components of Cyber Security including (but not limited to):
    • Third Party Risk Management (End to end TPRM lifecycle)
    • Cyber Governance, Risk and Compliance
    • Cyber Strategy & Transformation
    • Business Continuity & Disaster Recovery
    • Basic knowledge of general security concepts, including defence-in-depth, least privilege, security architecture and design, networking, architecture reviews, VAPT, IDS/IPS technologies, SIEM, and resiliency concepts such as business continuity and workplace safety.
  • TPRM Skills: Experience in client-facing roles, managing cyber security and resiliency-based third-party risk assessments from start to finish. Ability to lead third-party assessments, providing technical guidance to assessors and facilitating decision-making during evidence reviews.
  • Analytical Skills: Strong ability to analyze complex data and risk factors to make informed decisions regarding third-party relationships.
  • Attention to Detail: Meticulous attention to detail in assessing vendor documentation, contracts, and compliance requirements to ensure thorough evaluations.
  • Communication Skills: Excellent verbal and written communication skills to effectively convey risk assessments and recommendations to stakeholders at all levels.
  • Problem-Solving Abilities: Proactive and strategic thinker with a knack for identifying potential issues and developing effective solutions to mitigate risks.
  • Interpersonal Skills: Strong relationship-building skills to foster collaboration with internal teams and external vendors, ensuring alignment on risk management objectives.
  • Project Management: Proven ability to manage multiple projects simultaneously, prioritize tasks, and meet deadlines in a fast-paced environment.
  • Regulatory Knowledge: In-depth understanding of relevant regulations and compliance requirements related to third-party risk management, including data privacy and security standards such as ISO 27001, NIST 800-53, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, COBIT, OWASP Top 10 etc.
  • Technical Proficiency: Familiarity with risk management software and tools, as well as proficiency in data analysis and reporting tools (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.).
  • Adaptability: Ability to adapt to changing business environments and evolving regulatory landscapes, demonstrating flexibility in approach and mindset.
  • Leadership Qualities: Strong leadership skills to guide and mentor junior team members, fostering a culture of risk awareness and compliance within the organization.

To qualify for the role, you must have

  • A bachelor’s degree in computer science, computer/electrical engineering, information technology or a related field
  • At least 4 years of relevant experience in cyber security and Third-Party Risk Management
  • One mandatory certification - CISSP, CISA, CISM, CTPRP, CTPRA, CIPP, ISO 27001
  • Knowledge of TPRM tools like OneTrust, ProcessUnity, ServiceNow, Archer along with external data providers like SecurityScorecard, BitSight, etc.
  • Proficiency in the following areas of cybersecurity:
    • Access Control
    • Asset Management
    • Business Continuity Management
    • Communications Security
    • Information Security Incident Management
    • Information Security Policies
    • Operations Security
    • Physical and Environmental Security
    • Third Party Relationships
    • System Acquisition, Development, and Maintenance
    • Cloud Security
    • Compliance
    • Human Resource Security
    • Privacy
  • Experience in client service delivery and the ability to manage multiple engagement teams and projects.
  • Program and Project Management skills.

Ideally, you will also have

  • Strong analytical and problem-solving skills
  • Strong drive to excel professionally, and to guide and motivate others.
  • Excellent interpersonal, written, verbal, communication, and presentation skills.

What we look for

  • Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry.
  • An effective communicator, you will be a confident leader equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization.
  • An opportunity to be a part of a market-leading, multi-disciplinary team of 2000+ professionals, in the only integrated global transaction business worldwide.
  • Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job role

Work location: Trivandrum, KL, IN, 695581 +2 more…
Department: Risk Management & Compliance
Role / Category: Risk Management - Assessment / Advisory
Employment type: Full Time
Shift: Day Shift

Job requirements

Experience: Min. 4 years

About company

Name: Ernst & Young LLP ( EY India )
Job posted by Ernst & Young LLP ( EY India )

