FS-TR-ITC-Manager-Cloud Risk

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

JOB DESCRIPTION--Manager –Cloud Risk

Job Summary

Cloud Risk focuses on proactively identifying and managing risks across the cloud environment in real-time, to enable business functionality and provide operational stability. Bringing Cloud Risk to life requires actions beyond refining existing Cloud methodologies and operating models. In this role, you will advise clients in identifying and managing Cloud security risks to their IT environments. You’ll also identify potential business opportunities for EY within existing engagements and enable new wins.

Responsibilities

• Develop an understanding of client’s cloud architecture and platforms, current transformation efforts, process execution, and/or culture and skillsets across competencies including, but not limited to Technology and Data Public and Hybrid Cloud Technologies, Data Governance, Tech Transformation, and Path to Production/Tech Change Management.
• Understand the implications that are driving the increased level of risk for each identified risk contributor; consider risk impacts that directly affect the client’s desired target state and how these risks can be mitigated using a combination of technology and process enhancements.
• Develop a strategy to Derisk the Cloud environment across current risk contributors; identify interaction points between the Derisk IT strategy and current IT and risk strategies; prioritize any elements of the strategy that introduce new risks.
• Establish Cloud process, risk, and control metrics that prioritize high-risk services and capabilities and are designed to be monitored, ensuring risk reduction can be accurately measured in real time
• Lead risk assessments and control testing for applications and workloads being migrated to Cloud, to identify potential security risks and compliance gaps.
• Ensure that cloud services adhere to applicable laws, regulations, and industry standards (e.g., GDPR, PCI-DSS, ISO/IEC 27001, NIST).

People responsibilities

• Conduct performance reviews and contribute to performance feedback for the team
• Foster teamwork, quality culture and lead by example.
• Understand and follow workplace policies and procedures
• Train and mentor the project resources and team members

Mandatory skills requirements

• 9+ years of experience in the field of cloud and technology risk management
• Ability to identify risks within IT and business processes and design appropriate controls to mitigate risks
• Experience in various IT service management, change management and application development tools (e.g. JIRA, GitHub, etc.)
• Experience of embedding security and privacy controls into information systems design for Cloud migration
• Experience of using key risk indicators and key performance indicators to manage cloud risks

Preferred skills

• Experience of developing Cloud strategy and roadmaps
• Experience of designing Cloud risks and control frameworks
• Demonstrated track record with a consulting organization and/or financial services organization
• Relevant professional qualifications such as M. Tech, MCA, MS, MBA-IT
• B.E/B. Tech (Electronics, Electronics & Telecommunications, Comp. Science)

Certifications (Preferred)

• Relevant professional certifications such as such as CCSP, CCSK, CISM, CRISC, CISA, etc.
• Cloud certifications for AWS, Azure and GCP and/or relevant cloud security certifications
• Certifications in any tools such as ServiceNow, Jenkins, JIRA, Terraform, GITHUB, etc

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.