The opportunity We are the only professional services organization who has a separate business dedicated exclusively to the financial services marketplace. Join Technology Consulting Team and you will work with multi-disciplinary teams from around the world to deliver a global perspective. Aligned to key industry groups including Asset management, Banking and Capital Markets, Insurance and Private Equity, Health, Government, Power and Utilities, we provide integrated advisory, assurance, tax, and transaction services. Through diverse experiences, world-class learning and individually tailored coaching you will experience ongoing professional development. Thats how we develop outstanding leaders who team to deliver on our promises to all of our stakeholders, and in so doing, play a critical role in building a better working world for our people, for our clients and for our communities. Sound interesting? Well, this is just the beginning. Because whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
.
Skills and attributes for success
- IT Controls Analyst III Lead
- Primary Technical Skills: Proficiency in assessing and testing IT and cybersecurity controls using frameworks like NIST, ISO 27001, or COBIT.
- Experience with control gap analysis, risk assessment, and audit remediation processes.
- Familiar with Archer and Service Now. Knowledge of international cyber regulations.
- Non Primary Technical Skills: Detail-oriented with excellent analytical and organizational abilities.
- Strong written and verbal communication skills to document findings and present to stakeholders.
- Collaborative mindset with a proactive approach to improving processes. Problem Solving, Conceptual thinking, Mentoring, Technical Writing /Documentation
To qualify for the role, you must have
- Minimum 8 years of related work experience, including at least 5 years in risk management, controls assessment, or cybersecurity governance.
- Bachelors degree (B.E./B.Tech) in Computer Science or IT, or Bachelors in Computer Applications (BCA) from a recognized institution.
- Supervisory experience preferred, with the ability to mentor and guide junior staff.
- Proficiency in assessing and testing IT and cybersecurity controls using frameworks such as NIST, ISO 27001, and COBIT.
- Hands-on experience with control gap analysis, risk assessment, and audit remediation processes.
- Familiarity with IAM tools (SailPoint, Okta, CyberArk), governance platforms (Archer, ServiceNow), and privileged access management (PAM).
- Strong understanding of international cybersecurity regulations and compliance standards (e.g., SOX, GDPR, HIPAA).
- Detail-oriented with strong analytical and organizational abilities, capable of identifying security risks and implementing improvements.
- Excellent technical writing, documentation, and communication skills, with the ability to present findings to stakeholders.
- Problem-solving, conceptual thinking, and process improvement mindset, with a proactive approach to security enhancements.
- Relevant certifications preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP).
What we look for
- Leads the design, build, and deployment of identity and access management controls and governance program that is compliant with enterprise security standards and integrated with enterprise access administration infrastructure.
- Works closely with senior leadership and other IT teams to align strategies and projects with business objectives.
- Leads and oversees the implementation of changes to department policies and procedures to meet changing business needs and to achieve department objectives.
- Identifies opportunities for continuous improvement.
- Serves as a point of escalation for complex issues that may require management intervention.
- Analyzes the security impact of complex requests or incident tickets escalated by the team and either provides resolution or escalates to higher management depending on the criticality.
- Assesses and immediately notifies leadership of security issues or quality control events that may have an impact on business operations.
- Works closely with external auditors to represent Vanguard and respond to audit findings.
- Ensures completeness and accuracy of responses and evidencing.
- Maintains an active understanding of, and contributes to, the broader access management and information security discipline.
- Serves as thought leader across the enterprise and with external partners.
- Participates on vendor software evaluation teams to analyze the security administration features and impacts of each package or release.
- May help define requirements, log issues and test upgrades and new releases.
- Participates in special projects and performs other duties as assigned.
- Collaborate with IT and business teams to design, implement and maintain robust internal controls that address IT risks and safeguard organizational assets.
- Support internal and external audits by assisting with risk mitigation based on audit findings, ensuring all control documentation is accurate and up-to-date.
- Proactively identify potential gaps in IT controls and work with relevant teams to address weaknesses, enhancing the overall security posture of the organization.
- Assist with the development of risk management frameworks and contribute to the creation of policies aimed at strengthening the organizations internal controls and mitigating IT-related risks.
What we offer
EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations Argentina, China, India, the Philippines, Poland and the UK and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. Well introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.
Continuous learning
: Youll develop the mindset and skills to navigate whatever comes next.Success as defined by you:
Well provide the tools and flexibility, so you can make a meaningful impact, your way.Transformative leadership:
Well give you the insights, coaching and confidence to be the leader the world needs.Diverse and inclusive culture
: Youll be embraced for who you are and empowered to use your voice to help others find theirs.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
