Talent.com
This job offer is not available in your country.
TC-CS-SRCR- Cyber Risk And Compliance- Manager

TC-CS-SRCR- Cyber Risk And Compliance- Manager

EYBengaluru, Karnataka, India
3 hours ago
Job description

The opportunity

We are looking for TPRM Manager with expertise in cyber security, risk management, and security controls testing concepts. This role offers a unique opportunity to contribute to the growth of our TPRM service offering while upholding EY’s commitment to quality and excellence. In line with EY’s commitment to quality, you will confirm that work is of the highest quality as per EY’s quality standards. You will help to create a positive learning culture, coach and counsel junior team members and help them to develop. As an influential member of the team, you will help to create a positive learning culture, coach and counsel junior team members and help them to develop.

Your key responsibilities

  • Reporting to the competency leader for Cyber Risk, Compliance, Resilience (CRCR) and will be responsible for :
  • Leading TPRM Engagements : Manage and deliver TPRM engagements, including current state assessments, program design and implementation, technology integration, and managed service operations.
  • Managed Service Operations Delivery : Oversee the end-to-end TPRM assessment lifecycle, from intake to onboarding and offboarding, ensuring effective delivery of TPRM managed services.
  • TPRM Technology Implementation : Lead implementation projects for TPRM technologies such as OneTrust, ServiceNow, Archer, and Ariba, ensuring successful integration and adoption within the organization.
  • Stakeholder Relationship Management : Build and maintain strong relationships with internal and external stakeholders, facilitating effective communication and collaboration on TPRM initiatives.
  • TPRM Strategy Development : Develop and implement TPRM strategies and frameworks to identify, assess, and mitigate risks associated with third-party vendors and partners. Policy and Procedure Implementation : Create and enforce TPRM policies and procedures that align with organizational goals, industry standards, and regulatory requirements. Process Improvement : Review and enhance TPRM processes, including risk assessment methodologies, due diligence procedures, and monitoring practices to ensure effectiveness and efficiency. Cross-Department Collaboration : Work closely with stakeholders such as Privacy, Legal, Procurement, Cybersecurity, and IT to ensure a comprehensive approach to managing third-party risks. Technology Enhancement Initiatives : Lead or participate in initiatives focused on technology enhancements, including Automation, Data Analytics, and AI, to support and streamline TPRM processes. Market Awareness : Maintain a broad understanding of market trends, competitor activities, and EY’s TPRM products and service lines. Business Development Support : Assist EY leadership in driving business development efforts and managing client accounts related to TPRM services. Internal Relationship Building : Foster strong internal relationships within EY Consulting Services and across other organizational services to promote TPRM best practices.

Skills and attributes for success

  • Excellent interpersonal, written, verbal, communication, and presentation skills
  • Hands-on experience of more than 8 years of with key components of Cyber Security including (but not limited to) :
  • Third Party Risk Management (End to end TPRM lifecycle)
  • Cyber Governance, Risk and Compliance
  • Cyber Strategy & Transformation
  • Business Continuity & Disaster Recovery
  • Regulations / standards such as ISO 27001, NIST 800-53, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, COBIT, OWASP Top 10 etc.
  • Proven experience in client-facing roles, managing cyber security and resiliency-based third-party risk assessments from start to finish.
  • Ability to lead third-party assessments, providing technical guidance to assessors and facilitating decision-making during evidence reviews.
  • Proficient in performing detailed technical quality assurance reviews of deliverables, guiding the team with constructive feedback to ensure timely and high-quality outputs.
  • Strong stakeholder management skills, capable of leading discussions with stakeholders and presenting engagement metrics, including identified findings.
  • Effective communicator, able to bridge gaps between assessors and vendors as needed.
  • Skilled in handling escalations, analysing root causes, identifying lessons learned, and sharing insights with the team for continuous improvement.
  • Demonstrated people management skills, fostering effective team collaboration.
  • Capable of reviewing remediation plans and providing quality feedback as a QA reviewer.
  • Experience in providing technical training to enhance team members' skills and serving as a mentor as needed.
  • Committed to contributing to current processes, identifying potential improvements or optimizations, assessing impacts, and communicating changes to relevant stakeholders for implementation.
  • In-depth knowledge of general security concepts, including defence-in-depth, least privilege, security architecture and design, networking, architecture reviews, VAPT, IDS / IPS technologies, SIEM, and resiliency concepts such as business continuity and workplace safety.
  • Ability to develop budget, scope, and staffing recommendations based on an understanding of client budgets and project economics.
  • Experience managing large teams to deliver Cyber services, either independently or within large, complex projects.
  • Proficient in utilizing and guiding the team with TPRM tools such as OneTrust, Process Unity, ServiceNow, Archer, and external data providers like Security Scorecard and BitSight.

    • Qualify for the role, you must have.

  • A bachelor’s degree in computer science, computer / electrical engineering, information technology or a related field
  • At least 8 years of overall experience of recent relevant work experience in information security / Third-Party Risk Management
  • One mandatory certification - CISSP, CISA, CISM, CTPRP, CTPRA, CIPP, ISO 27001
  • Knowledge of TPRM tools like OneTrust, ProcessUnity, ServiceNow, Archer along with external data providers like SecurityScorecard and BitSight
  • Experience in client service delivery and be able to manage multiple engagement teams and projects.
  • Program and Project Management skills.

    • Ideally, you will also have

  • Strong analytical and problem-solving skills
  • Strong drive to excel professionally, and to guide and motivate others.
  • Excellent interpersonal, written, verbal, communication, and presentation skills.

    • What we look for

  • Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry.
  • An effective communicator, you will be a confident leader equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization.
  • An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide.
  • Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.

    • EY | Building a better working world

    Create a job alert for this search

    Manager Risk And Compliance • Bengaluru, Karnataka, India

    Related jobs
    • Promoted
    IT GRC – AVP [T500-12809]

    IT GRC – AVP [T500-12809]

    Talent500Bengaluru, Karnataka, India
    Responsible for managing Cyber Security Risk, Compliance, and Assurance activities.Drive the global cyber security certifications as per MGS Management Strategy. Evaluating control effectiveness and...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Cyber-Manager

    Cyber-Manager

    EYBengaluru, Karnataka, India
    We’re looking for experienced staffs with 10+ years of hands-on experience in IT Risk / Audit, Assurance and Advisory to join our Technology Risk Team. This is a fantastic opportunity to be part of a ...Show moreLast updated: 3 hours ago
    • Promoted
    TPRM Manager - Cyber

    TPRM Manager - Cyber

    Cubical Operations LLPBengaluru, Karnataka, India
    Manager – Third Party Risk Management (TPRM).We are seeking an experienced professional to join our team as a.Third Party Risk Management and working knowledge of. The role involves assessing third-...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Cyber Risk IoT Lead Consultant

    Cyber Risk IoT Lead Consultant

    Anicalls (Pty) LtdBengaluru, Karnataka, India
    Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines.Assist in the selection and tailoring of approaches, methods, and tools to supp...Show moreLast updated: 3 hours ago
    • Promoted
    Manager Enterprise Risk

    Manager Enterprise Risk

    Ujjivan Small Finance BankBangalore Urban, Karnataka, India
    These responsibilities are representative and the role holder is also responsible for any other job assigned by the superior authorities from time to time. This section in not intended to be an exha...Show moreLast updated: 18 days ago
    • Promoted
    Mashreq - Senior Manager - Technology - Wholesale Risk Domain

    Mashreq - Senior Manager - Technology - Wholesale Risk Domain

    Mashreq Global Services Private LimitedBangalore, India
    Hold direct responsibility for implementing Risk systems related to Regulatory and Digitization initiatives within the Risk Management division. Plan, manage, execute, track, and implement both func...Show moreLast updated: 30+ days ago
    • Promoted
    Uniqus - Cyber Security Consulting Manager

    Uniqus - Cyber Security Consulting Manager

    Uniqus ConsultechBangalore, India
    Cyber Security Consulting Manager Job Description : Position Overview : The Cyber Securi...Show moreLast updated: 16 days ago
    • Promoted
    Indusface - Manager - Risk & Compliance

    Indusface - Manager - Risk & Compliance

    Indus Face Private LimitedBangalore, India
    Assist to Implement, maintain, and manage security compliance frameworks, including ISO 27001, PCI DSS, SOC2 Type2, GDPR, DPDPA and other regulatory standards. Act as a liaison with product vendors,...Show moreLast updated: 30+ days ago
    • Promoted
    Associate Manager II - Cyber Security

    Associate Manager II - Cyber Security

    NaviBengaluru, Karnataka, India
    At Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data. We lead the charge on cyber risk management, regu...Show moreLast updated: 29 days ago
    • Promoted
    Third Party Risk Management - Cyber Security (Pune, Bangalore, Gurgaon)

    Third Party Risk Management - Cyber Security (Pune, Bangalore, Gurgaon)

    DigiHelic Solutions Pvt. Ltd.Bangalore, IN
    Lead the end-to-end third-party risk assessment process including initial due diligence, onboarding, and periodic reviews. Collaborate and lead discussions with various departments from client’s tea...Show moreLast updated: 3 days ago
    • Promoted
    • New!
    Risk Manager (2LoD), Risk and Compliance Solutions

    Risk Manager (2LoD), Risk and Compliance Solutions

    ADCI - BLR 14 SEZBengaluru, Karnataka, India
    We are seeking a highly motivated Model Risk Manager for Amazon’s Payments Risk organization, who will assist in implementing the model risk management framework, support model risk governance acti...Show moreLast updated: 3 hours ago
    • Promoted
    Senior Manager-Risk Assessment

    Senior Manager-Risk Assessment

    HCLTechbangalore, karnataka, in
    The position is a member of Risk & Compliance team within HCL Technologies.The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accord...Show moreLast updated: 10 days ago
    • Promoted
    • New!
    ICS Cybersecurity Advisor

    ICS Cybersecurity Advisor

    ExxonMobil CorporationBengaluru, Karnataka, India
    Perform Industrial Controls System cybersecurity security risk assessments, support cold eyes reviews and Unit internal audits on control system environment. Technical review and development of ICS ...Show moreLast updated: 3 hours ago
    • Promoted
    • New!
    Cyber Security - Sr. Manager

    Cyber Security - Sr. Manager

    FICOBengaluru, Karnataka, India
    Join our world-class team today and fulfill your career potential!.As a Threat Intelligence Senior Manager,.You will lead and inspire a team of security researchers, setting research priorities and...Show moreLast updated: 3 hours ago
    • Promoted
    Business Risk Manager (Technology)

    Business Risk Manager (Technology)

    Revoluthosur, tamil nadu, in
    People deserve more from their money.More visibility, more control, and more freedom.Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products — including spending, ...Show moreLast updated: 29 days ago
    • Promoted
    • New!
    Risk & Compliance_ Infrastructure / Platform Qualification

    Risk & Compliance_ Infrastructure / Platform Qualification

    TakedaBengaluru, Karnataka, India
    At Takeda, we are leading digital evolution and global transformation.By building innovative solutions and future-ready capabilities, we are meeting the need of patients, our people, and the planet...Show moreLast updated: 3 hours ago
    • Promoted
    • New!
    Cyber Security Manager

    Cyber Security Manager

    LenovoBengaluru, Karnataka, India
    Come be a part of the next generation of Managed Services and Solutions at Lenovo! This position is for a Cyber Security Manager in the Solutions & Services Group (SSG) to lead ISO27001 and SOC 1&2...Show moreLast updated: 3 hours ago
    • Promoted
    • New!
    Governance, Risk Management, And Compliance (GRC)

    Governance, Risk Management, And Compliance (GRC)

    InnoWave360Bengaluru, Karnataka, India
    Governance, Risk & Compliance (GRC) Associate / Assistant Manager / Dy.We are seeking a seasoned Governance, Risk & Compliance (GRC) professional with deep expertise in. Business Audit, ERM, IFC, inves...Show moreLast updated: 3 hours ago