At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY-Digital Risk – Third Party Risk Management

At EY, we’re all in to shape your future with confidence.

Join EY and help to build a better working world.

As part of our Risk Consulting, you will be joining the Digital Risk Consulting Team.

The opportunity

We’re looking for Senior Manager with expertise in Third Party Risk Management and IT Audit to support our clients across a range of Third Party Risk Management (TPRM) issues and challenges and enable our clients to better manage the broad range of risks in their increasingly complex supply chains. You will play a pivotal role in shaping EY’s TPRM strategy, driving innovation in third-party risk solutions. In addition, you will play a key role in supporting the development of new business opportunities. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.

Your key responsibilities

• Drive go-to-market strategy for TPRM services, including thought leadership, solution development, and alliance partnerships.
• Champion the use of emerging technologies (e.g., AI, automation, continuous monitoring platforms) to enhance TPRM capabilities.
• Lead the development of next-generation TPRM capabilities, including continuous monitoring, risk integration, and AI-driven risk intelligence.
• Provide subject matter guidance on evolving regulatory frameworks (e.g., DORA, NCA framework, SAMA framework) and their impact on third-party ecosystems.
• Perform IT/InfoSec internal control testing, develop IT/InfoSec internal audit plans, and provide IT/InfoSec internal audit services for the MENA stakeholders.
• Mentor team members within the Third Party Risk Management, Audit & Resilience practice.
• Contribute to team growth through recruitment, capability building, and internal training initiatives.
• Creating thought leadership and market materials for selling and promoting EY Cyber and TPRM offerings
• Create a positive team environment and provide coaching and support for junior staff
• Support senior management with practice development activities such as recruiting
• Oversee financial aspects of engagements by organising staffing, and communicating with engagement teams
• Managing a portfolio of TPRM engagements with our clients, responsible for the day-to-day running of the engagements including meeting quality, time and budget targets
• Working with prospective clients to agree, scope and plan the delivery phase of engagements
• Oversee the design and implementation of scalable TPRM operating models and tooling (e.g., ServiceNow VRM, Archer, ProcessUnity).
• Design TPRM framework, operating model, methodology and procedures
• Implement TPRM process for client and manage the assessment lifecycle as per the design
• Drive IT Audits/ Reviews, TPRM engagements
• Deliver exceptional client service experience while advising on complex process issues

Skills and attributes for success

• Proven ability to evaluate security technologies, policies and processes.
• Experience conducting third party risk assessments against global/MENA specific standards/regulations
• Expertise in IT/InfoSec internal control testing, develop IT/InfoSec internal audit plans
• Proficiency in using analytics and monitoring tools for continuous risk evaluation and reporting.
• Align TPRM with organizational goals and integrate risk management into business strategy.
• Excellent GRC platforms, risk scoring systems, and AI-driven monitoring solutions.
• Excellent communication and stakeholder management skills.

To qualify for the role, you must have

• Project experience and client knowledge gained from professional practice across a number of TPRM engagements, including aspects of Compliance, IT Risk Management, Cyber, Resilience, and Privacy.
• Team leadership and management experience, including the coaching and mentoring of more junior staff and direct reports
• Awareness and understanding of National and International Security Standards (e.g., NIST, ISO27001), reporting standards (e.g., SOC/ISAE), and privacy or TPRM regulations, such as UK Data Protection Act, GDPR, DORA, NCA ECC, SAMA Framework..etc.
• Willingness to travel
• Excellent written and verbal communication skills for report writing, client presentations, and project management
• At least 10 years of relevant experience (desirably within resilience, cyber, or TPRM). Preferably with experience in a consulting role in a leading consultancy firm.
• Proven track record of delivering complex, multi-stakeholder programmes in regulated industries
• Strong commercial acumen and experience managing large client accounts or portfolios.
• Excellent communication skills with consulting experience preferred

Ideally, you’ll also have

• A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline.
• Industry related certification preferred (e.g., CISSP, CISA, CISM, CRISC, ISO27001 Lead Implementer/Auditor)
• Solution related experience, such as the use of platforms like ProcessUnity, ServiceNow, and Azure

What working at EY offers

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.