**EY GDS Consulting - **Third-Party Risk Management as a Service (TPRaaS) - Senior**As part of our EY- TPRaaS team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance.**The opportunity**We're looking for Seniors with expertise in **Third-Party Risk Management** to join the leadership group of our **EY- TPRaaS team**. It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering.**Your key responsibilities**- Lead and work closely with the manager in the delivery of TPRaaS engagements.- Lead the design and implementation of TPRM operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.- Follow policies and procedures that support the successful implementation of TPRaaS operating models.- Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements.- Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRaaS processes.- Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects.- Demonstrate a general knowledge of market trends, competitor activities, EY products, and service lines.- Build and nurture positive working relationships with clients to achieve exceptional client service.- Contribute to Identifying opportunities to improve engagement profitability.- Assist leadership in driving business development initiatives and account management.- Participate in building strong internal relationships within EY Consulting Services and with other services across the organization.**Skills and attributes for success**- Maintain an educational program to develop personal skills continually.- Constantly upskilling as per market trends.- Understand and follow workplace policies and procedures.- Attend L&D programs and exhibit a thorough knowledge of consulting methodology and consulting attributes.- Exhibit initiative and participate in corporate social and team events.**To qualify for the role, you must have**- 4 to 8 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures).- Strong understanding of the TPRM framework, Risk Management, Information Security practices.- Demonstrate a good understanding of the Contract Risk Review management process.- Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.).- Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI - DSS, HITRUST, etc.- Good knowledge of privacy regulations such as GDPR, CCPA, etc.- Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.- Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management.- Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review.- Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.).- Good experience in LAN/WAN architectures and reviews.- Good knowledge of incident management, disaster recovery, and business continuity management, cryptography.- Good to have prior Big-4 experience.- Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer**Ideally, you'll also have**- **Project Management skills.**:- ** Exposure to tools like ProcessUnity, ServiceNow, Archer.****What we look for**- **A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment.**:- ** Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely.**:- ** Actively mentors and trains team members on TPRaaS processes, governance, and frameworks.**:- ** Works cross-functionally with team members to support and drive a collaborative team environment.**:- ** Creates and design effective presentations as a means for communicating project and deliverable progress to clients.**:- ** Performs sophisticated data analyses to understand client's business and identify risk**:- ** Executes advanced services and supervise st
