Data Protection - Technology Risk and Compliance Supervising Associate
Washington, DC, US, 20005
EY
EY provides consulting, assurance, tax and transaction services that help solve our client’s toughest challenges and build a better working world for all.Location: Flexible Anywhere in the US
Technology Risk & Compliance - Supervising Associate
Ethics, Compliance, and Risk Management (ECRM) supports our people in managing the risks that arise during our daily working lives. We work closely with all parts of the organization to identify, manage and monitor risk, providing coordinated advice and assistance on independence, conflicts, compliance, regulatory, policy, security issues, as well as dealing with claims and any queries regarding ethics.
The opportunity
We are operating in an increasingly connected world that is changing how to manage risk. With fast-paced technology advancements, new innovations within emerging technologies, and an ever-challenging regulatory environment, it is business critical for our organization to identify not only the risks but the opportunities these present to us. As a Supervising Associate with our Technology Risk and Compliance (TRC) function, you will make educated, thoughtful decisions. Our brand depends on it. It’s all part of our long-term commitment to building a better working world and in return, you can expect plenty of opportunities to take on new responsibilities and develop your career.
Your key responsibilities
As part of EY Americas Technology Risk and Compliance function, you will assist in the development, implementation, and monitoring of various program initiatives. We are looking for a high performing Supervising Associate to assist in the execution of strategic and operational program initiatives. This position requires in-depth subject matter knowledge. The Technology Risk and Compliance function is focused on delivering technology risk insights and mitigating actions to the business to enable better risk-based decisions and align with client expectations.
Skills and attributes for success
- Drives activities within the Technology Risk and Compliance function of the ECRM program, including but not limited to:
- Leading risk consultations including steering risk consultations regarding the implementation of new technologies, acting as a central figure in managing potential threats. This includes but not limited to engaging the appropriate stakeholders based on the risk profile and identifying risk mitigating controls and activities,
- Executing information security assessments to identify information security risks across our Americas technology environment,
- Supporting risk mitigation and surveillance activities involving aspects such as third-party management, technology governance, awareness, and policy formulation, data security, business continuity planning, identity and access administration, application risk valuations, and ensuring compliance with essential norms.
- Assists with strategy formation, direction, and portfolio stewardship of information security risk management activities,
- Assists in analyzing related legal and regulatory developments to confirm applicable requirements,
- Assists in maintaining and updating related EY policies, guidance, training, and awareness communication plan to reflect new and/or changes to data protection laws, regulations, and standards,
- Collaborates with various functions across the organization, such as EY’s Global Information Security, and members of the business and Service Line Quality, to design and implement controls in order to protect confidential/personal information,
- Creates reports on various program activities to be delivered to key program stakeholders, including senior leaders within the organization,
- Continuously maintains and expands knowledge of field of expertise and communicates new developments and resulting impact to program stakeholders and team members, and
- Participates in various ad-hoc program projects, as needs develop.
To qualify for the role, you must have
- Strong verbal and written communication skills
- Solid understanding of relevant firm business and area wide data protection issues and concerns
- Strong problem-solving skills
- Flexibility and the ability to take the initiative
- Ability to right-size risk
- Strong research skills
- Strong project management skills; ability to successfully handle multiple tasks
- Good working knowledge of information systems and common software packages
- Bachelor’s degree or equivalent work experience; Graduate degree preferred
- 3-6 plus years related experience
Ideally, you’ll have
- Ability to reference existing firm information security and data protection policies as well as knowledge and experience to review complex situations and assist in proposing solutions
- Strong knowledge of relevant global, national, and local data protection laws, regulations, and standards, as well as familiarity with other risk management initiatives outside of their specific area
- Sound understanding of high-level technology and information security trends
- Experience in IT risk management and information security
- Experience with information security frameworks (e.g., ISO, NIST)
- Information security certification from ISC2 or ISACA (e.g., CISSP, CISM, CISA)
- Knowledge of Artificial Intelligence and associated risks is preferred
What we look for
We’re interested in people that will be able to right-size risk and recommend creative solutions to complex problems, as well as make significant contributions to complex Ethics, Risk Management, and Compliance projects.
What working at EY offers
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, both pension and 401(k) plans, a minimum of 18 days of paid time off with additional time based on your level and years of service plus 12 observed holidays, and a range of programs and benefits designed to support your physical, financial and social well-being.
About EY
As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world. Apply now.
What we offer We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The salary range for this job in most geographic locations in the US is $79,200 to $143,800. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $95,100 to $163,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
Tags: Artificial Intelligence CISA CISM CISSP Compliance Governance ISACA Monitoring NIST Risk management Security assessment Strategy Surveillance
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs