Requisition Id 1650562
The opportunity Senior Consultant-TMT-Business Consulting Risk-CNS - Risk - Digital Risk - Mumbai
TMT
Industry convergence offers TMT (Technology, Media & Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth.
We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of M&A strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future building a better working world for all.
CNS - Risk - Digital Risk
EY Consulting is building a better working world by transforming businesses through the power of people, technology and innovation. Our client-centric approach focuses on driving long-term value for our clients by solving their most strategic problems. EY Consulting is made up of three sub-service lines Business Consulting (including Performance Improvement and Risk Consulting), Technology Consulting and People Advisory Services.
We help our clients in identifying and managing the interplay between upside and downside risk in order to make the long-term decisions to prevent risk and impact on their organizations ability to meet its future business strategy and objectives. The 3 key fields of play are
Enterprise Risk - helps clients identify and address key risk areas, while building the agility to respond quickly. The areas of focus include Enterprise risk and resilience, Internal audit, Compliance and Internal controls
Technology Risk - helps clients to achieve sustainable growth by supporting their efforts to protect their business performance and by providing trusted communications on internal control and regulatory compliance to investors, management, regulators, customers and other stakeholders. EY teams accomplish this by assessing the technology risks that are introduced to businesses.
Financial Services Risk - helps clients in the financial sector to identify, manage and monitor the risks in their business. It is done through a transformative and agile approach including process and procedures, risk, data modeling and analytics, reporting to stakeholders and third parties, business requirements (for software selection and IT implementation), analysis of assets and liabilities, and capital and liquidity management.
Your key responsibilities
Develop AI governance framework incorporating AI governance organization structure, policies, procedures and corresponding roles and responsibilities. Perform periodic assessments to evaluate current AI governance posture of the organization based on leading practices (such as ISO 420012023, NIST AI RMF, EU AI Act, etc.) and identify improvements for policy, procedures, roles and responsibilities etc. Perform gap assessment to review current state of AI based solution to evaluate controls implemented for AI risk management including considerations for security and privacy aspects. Perform design review for AI based solutions to ascertain adequacy of mechanism defined for managing ethical AI usage including evaluation of design aspects for addressing principles such as fairness, transparency, accountability, and privacy. Perform threat modelling to identify security-related weaknesses (flaws) in code during the AI development phase and related lifecycle activities to evaluate input integrity, prompt validation, output management, ethics validation, plugin security and codebase control based on leading standards such as OWASP, MITRE ATLAS, etc. Identify the external and internal dependencies of AI governance processes as well as required technologies to analyze the overall maturity of organization s AI risk management strategy. Perform the AI governance risk assessment to identify the AI related design, performance, and algorithmic threats and prepare a corresponding risk treatment plan. Coordinate with internal and external stakeholders to ensure that AI risk management strategies are in place across the entire organization. Establish AI Governance and Ethics Management Steering Committee for periodic monitoring and tracking of all aspects of AI governance establishment and identification and progress on defined goals, objectives, and initiatives. Prepare content for AI Risk and Governance Management related trainings for user awareness. Prepare Thought Leadership and PoVs on Responsible AI.
Skills and attributes
To qualify for the role you must have
Qualification
Bachelor s degree in information technology, Computer Science, or a related field. Masters degree preferred.
Strong understanding of Generative and Agentic AI, familiarity with AI monitoring tools (such as IBM WatsonX.gov, Holistic AI, etc.) and techniques, AI Governance standards and best practices (e.g., NIST AI RMF, MITRE ATLAS, OWASP Top 10 for LLM, ENISA, HITRUST, ISO/IEC 23894, ISO 42001, EU AI Act). Professional certifications such as ISO 42001 Lead Auditor, ISO 42001 Lead Implementor, AIGP or equivalent preferred.
Experience
3 to 5 years of experience
