Job
Description
Role Overview: As a Senior Risk and Audit Compliance Engineer within Infrastructure and Operations, Platform Infrastructure at EY, you will be a subject matter expert collaborating with multinational clients to design, implement, and enhance risk, compliance, and audit frameworks. Your role will involve leading project teams, mentoring staff, and ensuring clients meet evolving regulatory, cyber, and operational risk expectations. Key Responsibilities: - Lead risk and compliance consulting projects for clients in various industries such as finance, technology, and healthcare. - Advise client executives on risk identification, internal controls, and compliance program maturity. - Translate regulatory requirements like SOX, GDPR, ISO 27001, NIST, and SOC into actionable strategies and operational controls. - Assess, design, and implement enterprise-wide risk management and compliance frameworks for clients. - Develop risk and control matrices, RCSA programs, and ongoing compliance monitoring strategies. - Plan and execute audit engagements, evaluate existing controls, and draft high-quality audit reports and remediation recommendations. - Design and implement automated solutions for control testing, continuous monitoring, and regulatory reporting using data analytics. - Manage project teams, oversee timelines, deliverables, and client satisfaction in a matrix and multi-client environment. - Liaise with client and internal leadership, regulatory bodies, and external auditors while delivering compliance/risk training and thought leadership. Qualification Required: - Bachelors or Masters degree in Information Security, Engineering, Finance, Business, or related fields. - 12+ years of progressive experience in risk management, audit, or compliance with a minimum of 3-6 years in a Big Four or similarly complex consulting environment. - Expertise in regulatory frameworks such as ISO 27001, NIST, SOX, PCI DSS, GDPR, and COBIT. - Proven success in leading client audits, regulatory projects, and compliance assessments. - Excellent analytical, problem-solving, and communication skills. - Experience with GRC, audit, Regulatory Technology (RegTech), and data analytics platforms. - Relevant certifications like CISA, CISM, CRISC, SoX, ISO 27001 Lead Auditor/Implementer are strongly preferred. - Track record of managing diverse/high-performing teams and working with Suppliers/Contractors in driving Risk and Audit processes. EY is dedicated to building a better working world by creating new value for clients, people, society, and the planet through trust in capital markets. EY teams leverage data, AI, and advanced technology to shape the future with confidence and provide services across assurance, consulting, tax, strategy, and transactions in more than 150 countries and territories. Role Overview: As a Senior Risk and Audit Compliance Engineer within Infrastructure and Operations, Platform Infrastructure at EY, you will be a subject matter expert collaborating with multinational clients to design, implement, and enhance risk, compliance, and audit frameworks. Your role will involve leading project teams, mentoring staff, and ensuring clients meet evolving regulatory, cyber, and operational risk expectations. Key Responsibilities: - Lead risk and compliance consulting projects for clients in various industries such as finance, technology, and healthcare. - Advise client executives on risk identification, internal controls, and compliance program maturity. - Translate regulatory requirements like SOX, GDPR, ISO 27001, NIST, and SOC into actionable strategies and operational controls. - Assess, design, and implement enterprise-wide risk management and compliance frameworks for clients. - Develop risk and control matrices, RCSA programs, and ongoing compliance monitoring strategies. - Plan and execute audit engagements, evaluate existing controls, and draft high-quality audit reports and remediation recommendations. - Design and implement automated solutions for control testing, continuous monitoring, and regulatory reporting using data analytics. - Manage project teams, oversee timelines, deliverables, and client satisfaction in a matrix and multi-client environment. - Liaise with client and internal leadership, regulatory bodies, and external auditors while delivering compliance/risk training and thought leadership. Qualification Required: - Bachelors or Masters degree in Information Security, Engineering, Finance, Business, or related fields. - 12+ years of progressive experience in risk management, audit, or compliance with a minimum of 3-6 years in a Big Four or similarly complex consulting environment. - Expertise in regulatory frameworks such as ISO 27001, NIST, SOX, PCI DSS, GDPR, and COBIT. - Proven success in leading client audits, regulatory projects, and compliance assessments. - Excellent analytical, problem-solving, and communication skills. - Experience with GRC, audit, Regulatory Technology (RegTech), and d
