GMS-Senior-MS-RSS

Third-Party Risk as a Service (TPRaaS) – Senior

As part of our EY- NFS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance.

The opportunity

We're looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our TPRaaS team. It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering.

Your key responsibilities

• Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements.
• Assist / Mentor team members in vendor calls / client interactions by providing delivery updates.
• Perform Quality Checks on work products before delivering it to the end clients.
• Follow policies and procedures that support the successful implementation of TPRM operating models.
• Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements.
• Assess the application of legal and regulatory requirements to clients TPRM practices.
• Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes.
• Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects.
• Build and nurture positive working relationships with clients to achieve exceptional client service.
• Contribute to Identifying opportunities to improve engagement profitability.
• Assist leadership in driving business development initiatives and account management.
• Participate in building strong internal relationships within GMS Services and with other services across the organization.

Skills and attributes for success

• Maintain an educational program to develop personal skills continually.
• Constantly upskilling as per market trends.
• Understand and follow workplace policies and procedures.
• Exhibit initiative and participate in corporate social and team events.

To qualify for the role, you must have

• 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures).
• Strong understanding of the TPRM framework, Risk Management, Information Security practices.
• Demonstrate a good understanding of the Contract Risk Review management process.
• Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.).
• Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc.
• Good knowledge of privacy regulations such as GDPR, CCPA, etc.
• Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
• Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management.
• Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review.
• Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.).
• Good experience in LAN/WAN architectures and reviews.
• Good knowledge of incident management, disaster recovery, and business continuity management, cryptography.
• Good to have prior Big-4 experience.
• Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer

Ideally, you'll also have

• Project Management skills.
• Exposure to tools like ProcessUnity, ServiceNow, Archer.

What we look for

• A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment.
• Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely.
• Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks.
• Works cross-functionally with team members to support and drive a collaborative team environment.
• Creates and design effective presentations as a means for communicating project and deliverable progress to clients.
• Performs sophisticated data analyses to understand client s business and identify risk
• Executes advanced services and supervise staff in delivering essential services.
• Understands client s business environment and basic risk management approaches
• Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions.
• Actively contributes to improving operational efficiency on projects & internal initiatives.