Senior Cyber Governance Risk and Compliance Consultant - Financial Services

The opportunity 

For our cybersecurity team, we are looking for Governance, Risk and Compliance consultants. The projects and roles we take on are diverse and not two of them are the same, so we are looking for professionals that can combine relevant experience with the right mindset. 

Our clients, typically the Chief Information Security Officer, are looking for advice and support for their security transformations. As GRC consultants, we often perform independent assessments on their cybersecurity capability and/or support them in the definition and execution of their security roadmap.

Your key responsibilities 

You will serve local and international financial services clients, and will be involved in different types of projects:

• Perform information security maturity assessments (based on the EY maturity model or against industry frameworks) and support the creation of security roadmaps based on the outcome.


• Execute information security risk assessments and business impact assessments (BIA)


• Definition and implementation of an Information Security Management System (ISMS).


• Identification, analysis and implementation of information security processes and controls (e.g. access management, incident management, business continuity).


• Measurement and reporting on the information security posture of an organization, based on the risk appetite, key threats, adequacy of controls.


• Support the CISO in both the operational security responsibilities and in the transformation journeys, by providing advice and support. 

Skills and attributes for success 

• Master’s degree in a relevant field (e.g. computer science, mathematics, civil engineer, applied informatics or others) or equivalent through experience.


• Professional experience (between 2 – 5 years), either in consulting or in the financial sector.


• An understanding on the current challenges a CISO faces, and how to transform information security from an IT concern to a business enabler.


• A good understanding on how risk-based decision taking takes place in a business environment, and how to select the appropriate response to information security risks.


• Familiarity with industry standards and best practices including the ISO 27000 series.


• Proven client stakeholder management and communication skills.


• Strong team spirit, balanced by a healthy sense of autonomy.


• Relevant certifications such as CISSP / CISM are considered a plus for more experienced candidates.

What we offer you

• You will be part of a leading global professional services firm.


• You will be part of the EY family where everyone is willing to offer support and senior management is very accessible.  


• You will join a dynamic and growing team with a great mix of young and experienced professionals focusing on financial services.


• You will get extensive trainings  on technical matters, as well as soft skills and project management, and you will have access to new technologies and innovative equipment.


• We are proud of our flexible working arrangements, and we will support you to build a successful career and deliver excellent client service, without sacrificing your personal priorities. 


• While our client-facing profession might require part-time working at client site and business traveling at times, we are committed to helping you achieve a lifestyle balance.

Are you ready to shape your future with confidence? Apply today. 

To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability-related adjustments or accommodations you may need.