We enhance performance through creating risk-enabled organizations. We help clients identify important risks, design frameworks to manage them and improve the effectiveness and efficiency of risk management. As a risk transformation professional, you will be addressing client issues such as business performance variability, business and process controls transformation; application security integrity, governance, risk and control (GRC) technology enablement, business and/or IT GRC, continuous monitoring, vendor and contract risk management and IT risk management. You will belong to an international network of specialists helping our clients transform risk functions and implement technology solutions that support risk management and governance.
We will support you with career-long training and coaching to develop your skills in risk strategy, risk function design, risk management and performance enhancement. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
The opportunity
Applying your knowledge and experience to shape our services, you’ll focus on client opportunities where your expertise can make a substantial impact. You’ll apply your knowledge and experience to shape our services and motivate your team. You’ll build valuable relationships with clients and develop strong capabilities, through both formal training and working with senior mentors and talented colleagues.
Your key responsibilities
This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, advising stakeholders, providing workshops and supporting business development. If you’re flexible and ready to adapt to a constantly changing environment, there’s no better place to develop your skills. Since you’ll be working directly with clients, some travel will be required.
Skills and attributes for success
The role of a ServiceNow GRC Senior Consultant/Manager includes collaborating with other members of the engagement team to coordinate, plan and deliver ServiceNow GRC projects. As you build knowledge and experience, you’ll become a credible advisor to junior consultants to deliver work products across the focus areas mentioned above within the organization as well as the client contacts. Responsibilities include but are not limited to:
- Implementing and delivering GRC technology enablement services using ServiceNow GRC/IRM platform – Policy and Compliance Management, Vendor Management, Risk Management, Audit Management, Business Continuity, and other risk management processes
- Lead discussions and workshops with clients to create a risk-aware culture through proper technology enablement of risk-related processes using ServiceNow GRC/ IRM solutions.
- Design and architect solutions to automated client processes into GRC solutions to meet their unique requirements
- Assist with the business development activities (conduct demos/ POCs, scope/ efforts/ timeline estimation etc.) related to ServiceNow GRC/ IRM opportunities.
- Effectively manage and motivate client engagement teams with diverse skills and backgrounds.
- Consistently deliver quality client services and manage expectations of client service delivery.
- Drive high-quality work products within expected timeframes and on budget.
- Manager engagement budget, monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes.
- Demonstrate deep technical capabilities and professional knowledge.
- Establish relationships with client personnel at appropriate levels
- Demonstrate in-depth technical capabilities and professional knowledge, demonstrate ability to assimilate new knowledge
- Remain current on new developments in GRC technology implementation services capabilities and industry knowledge.
To qualify for the role, you must have:
- A recognized university degree in information technology, engineering, mathematics, accounting, business or other relevant disciplines.
- At least 4 years of relevant consulting or industry experience, preferably in a professional services environment or MNC.
- ServiceNow CIS certification in GRC/ IRM suite (Risk and Compliance, Vendor Risk Management etc.)
- Experience in the design, architecture, configuration, and implementation of ServiceNow GRC/ IRM solutions.
- Strong understanding of compliance and risk management processes.
- Experience with agile methodology, creating process designs, technical designs, defining user stories, working with onshore/offshore development teams, leading user acceptance testing (UAT), and providing the necessary end-user training to deliver the proposed solution.
- Experience in engaging and managing a variety of stakeholders with an ability to consult, provide recommendations, and develop solutions using GRC solutions.
- Strong analytical, interpersonal, communication, writing and presentation skills.
- Demonstrates integrity, values, principles, and work ethic.
Ideally, you’ll also have
- Strong project management skills including agile methods.
- Data analysis/ processing and visualisation skills using database, visualisation tools or spreadsheet application
- Professional certifications such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP)
- Experience with other GRC technology solutions (such as ServiceNow, MetricStream, IBM OpenPages etc.) will be an added advantage.
What we look for
We’re interested in flexible professionals with excellent problem-solving skills and the ability to prioritise shifting workloads in a rapidly changing industry. You’ll also need the confidence to give professional advice and guidance to colleagues and clients from a diverse range of cultures, often with limited information – both verbally and in writing. If you’re a fast learner, with strong influencing skills and a genuine passion for information system security, this role is for you.
What working at EY offers
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. We also offer you:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you