Senior - TPRM/IT Audit

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY as a trusted advisor, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. The global risk landscape is continuously changing due to market volatility, geopolitical crises, wide-spread economic changes, regulatory reforms, and cyber threats. As a result, there has been increased pressure from the board of directors and investors to effectively monitor and manage risk.

The Third-Party Risk Management team helps clients make strategic investments and focus on the right areas to effectively manage third-party risks. This service, made possible through our global delivery centres and technology partnerships, is designed in a flexible manner to reflect companies' variable stages of readiness when it comes to managing third-party risk.

The opportunity

We currently have a career opportunity for a Senior Consultant to join our Third-Party Risk Management (TPRM) competency in GDS Trivandrum/ Kochi office to be responsible for delivery of TPRM projects or elements of multiple consulting engagements including development framework, operating model, assessments, and related activities.

Your key responsibilities

• Delivery of TPRM engagements/ projects
• Design and implementation of operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks
• Build connect with client stakeholders, understand their business challenges/pain areas, and work with EY leadership to propose innovative solutions
• Perform third party assessments and guide the client to mitigate the identified risk
• Adhere strictly to fulfil project activities to achieve exceptional client service
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
• Conduct research and assist senior team members in preparing client presentations and information memorandums
• Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments
• Support management in the preparation of proposals and business development materials
• Demonstrate detailed knowledge of market trends, competitor activities, EY products, and service lines

Skills and attributes for success

• Technical experience and who can seamlessly work with the team and the client to create plans for accomplishing engagement objectives.
• Ability to drive client discussions and conduct risk assessment for identified third parties
• Leverage industry leading practice and trends to provide valuable insights to clients
• Develop risk programs and methodologies and implement technology to enable the client organization
• Understand EY and its service lines and actively assess/present ways to serve clients
• Contribute towards team building and strengthening team competency on third party assessments and risk consulting

To qualify for the role, you must have

• A bachelor's degree and approximately 3 to 5 years of work experience in Third Party Risk Management
• Experience of external/ internal audit for at least 1 year
• Experience in TPRM/TPraaS tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.).
• Very good knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI - DSS, HITRUST, etc.
• Very good knowledge of privacy regulations such as GDPR, CCPA, etc.
• Very good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
• Good understanding of the contract risk review management process.
• An understanding of and/or knowledge of diverse set of risks associated to third parties such as geopolitical risk, reputational risk, financial risk, regulatory and compliance risk, digital risk, cyber and privacy risk, operational risk, strategic risk and business continuity & resiliency risk
• Knowledge of any of the following industries/sectors: healthcare, life sciences, media & entertainment, technology & telecom, consumer products & retail, and power & utilities, including relevant regulatory requirements (e.g., HIPAA for healthcare, NERC CIP for power & utilities)
• Proven solid analytical and problem-solving skills; excellent writing and communication skills
• Experience with current state assessment/diagnostic, design & build, enhancement, and implementation of third-party risk management programs including governance & oversight, third-party inventory, risk approach and models, policies, and standards, TPRM processes and technology, automation, and reporting
• Knowledge and experience related to the diverse set of risks associated to third parties such as geopolitical risk, reputational risk, financial risk, regulatory and compliance risk, digital risk, cyber and privacy risk, operational risk, strategic risk, and business continuity & resiliency risk
• Knowledge of any of the following industries/sectors: finance, oil and gas, healthcare, life sciences, media & entertainment, technology & telecom, consumer products & retail, and power & utilities, including relevant regulatory requirements
• Proven solid analytical and problem-solving skills; excellent writing and communication skills
• A willingness to travel estimated at 60-80%

Ideally, you'll also have

• Strong presentation and communication skills and ability to speak and work with Business Units, Top Management
• CA, CIA, CISA, CISM, CISSP or other relevant certification

What we look for

• We're interested in intellectually curious people with a genuine passion in resolving client's third-party risk concerns. With your broad exposure across TPRM, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

What working at EY offers

At EY, we're dedicated to helping our clients, from start-ups to Fortune 500 companies - and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that's right for you

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.