EY · 3 days ago
Control & Risk Assessment Leader
Accounting, Advice
H1B Sponsorship, Growth Opportunities
Responsibilities
Build a Control and Risk Assessment program that identifies potential risks and validates mitigation controls by conducting regular and systematic assessments of the organization's IT infrastructure, including networks, systems, applications, and data processes.
Assist control owners with the design and implementation of their controls in the organization's IT environment based on assessment results.
Create a 1st Line Testing framework to enhance security culture and support control ownership roles and responsibilities.
Strategize on the appropriate amount of preventive, detective, or corrective controls to reduce overall risk for the firm.
Assist with the development of a long-term vision for Information Security’s Technology Assurance, Risk, and Policy direction.
Stay informed of changes in information security, regulatory requirements, audit standards, and industry trends, adjusting strategies as necessary.
Build and maintain relationships with internal and external leaders to ensure awareness and understanding of potential strategic directions.
Plan the training and development of staff to maintain state-of-the-art knowledge in information security.
Qualification
Required
10+ years of experience in the Information Technology, Information Security and/or Risk Management field(s)
Audit experience or a demonstrated ability to design and test technology controls
5+ years of experience in managing and mentoring junior and senior level staff
Experience leading global and virtual teams
High proficiency in technical and general writing skills in English
An advanced degree in Computer Science, Information Security, or a related field; equivalent work experience will be considered on a case-by-case basis
Preferred
Certified Risk and Information Systems Control (CRISC)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Internal Auditor (CIA)
Global Information Assurance Certification (GIAC) in related area
CIPP
CIPT
A working knowledge of external control standards like ISO 27001, NIST 800-53, COBIT, etc. and regulatory requirements like GDPR and SOX
Skilled in Microsoft Office and M365 products; primarily Word, Excel, PowerPoint, SharePoint, PowerApps, and PowerBI
Experience with RSA Archer or other GRC tools
Benefits
Medical and dental coverage
Flexible vacation policy
EY Paid Holidays
Winter/Summer breaks
Personal/Family Care leaves
Continuous learning opportunities
Tools and flexibility for success
Transformative leadership insights
Diverse and inclusive culture
Company
EY
EY exists to build a better working world, helping create long-term value for clients, people and society and build trust in the capital markets.
H1B Sponsorship
EY has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (7267)
2022 (9628)
2021 (6575)
2020 (7115)
Funding
Current Stage
Late Stage
Leadership Team
Company data provided by crunchbase