IT Risk Assurance Senior Analyst
Ernst & Young Global Limited
Warszawa, , PL
38 d. temu

About EYTechnology

EY Technology is a globalorganization that works with our internal clients, to provide IT support andsolution to client teams, internal support functions and global projects andprograms.

Over the next few years, GDS Poland will increase the number of ITprofessionals in its center to develop and support EY’s business and internalapplications.

These professionals include IT project managers, businessanalysts, software architects, infrastructure engineers.

EY Technology team maintainsand enhances EY’s IT infrastructure and works for our internal clients acrossthe globe. You will work with EY locations, supporting our service lines andkey business processes or be part a dedicated IT team handling cross-

organizationalinitiatives and transformational projects.

EY Technology supports ourtechnology needs through three business units :

  • Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems
  • Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-
  • based opportunities faster, and pursue those opportunities more rapidly

  • Enterprise Workplace Technology (EWT) EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services.
  • EWT will also support our internal technology needs by focusing on a better user experience.ect, respond, and mitigate cyber risk and to enable the Firm to move at the speed of business.

    The opportunity

    The Supplier RiskAssurance program evaluates and monitors information security risk associatedwith the Firm’s use of third party technology suppliers.

    We measure riskagainst Firm security controls, industry standards, regulations and laws, andEY business practices. We then advise our engagement and project managers, ourprocurement team, and our Legal teams in the recommended treatment of the riskassessment conclusions.

    In a working worldwhere there is an increasing reliance on third party provided products andservices the role offers interaction with some of the most interesting andimportant technology related activities of the Firm across the spectrum ofservices offered.

    This role is animportant and very visible contributor offering highly valued and criticalservices within a highly collaborative team environment.

    A more excitingchallenge is difficult to find!

    Your key responsibilities

    The person chosenwill conduct inherent risk assessments, vendor research, reporting, dataanalytics, communications with our stakeholders, and other required tasksassociated with the execution of the Supplier Risk Assurancemission.

    Skills and attributes for success

  • Advanced and creative analytic abilities to synthesize technical data, project related information, interview and survey results, and other information to inform risk decisions.
  • Ability to manage and deliver on multiple and shifting priorities to provide high quality, timely, and effective service to our customers.
  • Advanced interpersonal skills to engage and collaborate with multiple internal and external stakeholders within a matrixed and global organization.
  • Highly developed communications skills, both oral and written in the English language
  • Must be able to rapidly learn a complex business process that involves acquisition of knowledge and familiarity with related regulations, EY Policies and Standards, and international standards such as ISO 27001 : 2013
  • To qualify for the role you must have :

  • Higher degree in computer science or related discipline
  • 4+ years’ experience in any of the following : information security, IT risk management, internal audit, or compliance
  • Knowledge of Information Security controls such as ISO27001 : 2013, NIST, or SOC.
  • Ideally, you’ll also have

  • Certifications such as the Certified Information Systems Security Professional (CISSP) or Global Security Essentials Certification (GSEC)
  • Good working knowledge of data analytic methods and tools, including but not limited to Spotfire, and Microsoft Excel.
  • Good knowledge and skills with Microsoft Office and Sharepoint.

  • Experience and skills in Information Security technical areas.
  • Who we look for?

    The idealcandidate will enjoy the challenge of rapid acquisition of knowledge and havethe skills and determination to join a high performing team.

    We arelooking for someone who is agile, flexible, serious about providing top flightservice to our customers, and above all a great team member.

    What working at EY GDS offers?

    We offer acompetitive remuneration package where you’ll be rewarded for your individualand team performance. Our comprehensive Total Rewards package includes supportfor flexible working and career development, and with FlexEY you can selectbenefits that suit your needs, covering holidays, health and well-

    being,insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer :

  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that’s right for you
  • Aplikuj
    Dodaj do ulubionych
    Usuń z ulubionych
    Mój adres email
    Klikając przycisk "Kontynuuj", wyrażam zgodę neuvoo na przetwarzanie moich danych i wysyłanie powiadomień e-mailem, zgodnie z zasadami przedstawionymi przez neuvoo. W każdej chwili mogę wycofać moją zgodę lub zrezygnować z subskrypcji.
    Formularz wniosku