Work in Iowa STEM Jobs

Job Information

EY FSO Technology Risk Senior - Cyber Risk (Location Open) in Des Moines, Iowa

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.


EY is the only professional services firm with a separate business unit — Financial Services Office (FSO) — that is dedicated to the financial services marketplace. Our FSO teams have been at the forefront of events that have reshaped and redefined the financial services industry as the pace of technological change continues to rapidly increase. If you have a passion for rallying together to solve the most complex challenges in the financial services industry, come join our dynamic FSO team! 

*The opportunity *

Our Integrated Cyber Risk team, a competency within the FSO Cyber and Technology Risk practice, provides financial services clients with an innovative and comprehensive approach for managing cyber and technology risks across their organization. With the ever-increasing risks for conducting business in a globally connected economy, and the rapid evolution of related threats, companies are turning to EY to understand, assess and prioritize risks as well as the related actions. EY has been recognized by multiple organizations as a leader in the cybersecurity space. In addition, our clients rely on EY to help transform their cyber programs, while driving business performance. Our team works collaboratively across the various FSO competencies and the EY global network to provide comprehensive and insightful services to our clients. Our Cyber Risk Team competencies include cyber risk management, cyber and IT regulatory risk, cyber resiliency, cyber analytics and privacy.  

*Your key responsibilities  *

On a typical day, you will work with your engagement team and the client to execute engagements that help our clients measure the effectiveness of their cybersecurity and privacy programs; assess the cybersecurity risk of a client; evaluate the maturity of a security program and perform benchmarking against its peers; test the effectiveness of cyber controls; assist clients with complying with the various cyber regulations; and help implement new cyber control processes and tools to perform more effective cyber risk management. You will also lead client meetings, prepare workpaper documentation, create and deliver presentations and provide coaching to your junior team members. We’ll look to you to stay abreast of current cyber regulations and industry practices, as well as to display teamwork, integrity and leadership to support and value your team’s contributions and foster innovation.  

*Skills and attributes for success  *

You will be expected to demonstrate in-depth technical capabilities, financial services industry knowledge and professional knowledge; establish relationships with client personnel; and possess good business acumen. Teaming and working with clients to analyze, evaluate and enhance their cybersecurity program and related processes will be critical for success. As a Senior, you will be expected to:

  • Collaborate with other members of the engagement team to plan the engagement and develop work programs and execution enablers, including approach, tasks, timelines, and budgets

  • Serve as a fieldwork leader by directing the daily progress of fieldwork, informing management of engagement status and supervising and mentoring staff performance

  • Possess a well-rounded understanding of general security concepts and methods such as identity and access management, threat and vulnerability management, data classification, incident response, security policy creation, enterprise security strategies, privacy, architectures and governance

  • Leverage knowledge of the current cyber/IT landscape and financial services industry cyber/IT trends to identify the engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations

  • Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology and tools to enhance the effectiveness of deliverables and services

  • Be able to interface with client stakeholders and subject-matter resources who  own cybersecurity processes and controls such as information security governance, risk management, security operations and monitoring, threat intelligence, business continuity, incident response, privacy and third-party risk management.

To qualify for the role, you must have

  • A bachelor’s degree in business, accounting, finance, computer science, information systems or a related discipline and three years of related work experience

  • A minimum of two years of experience working as a cybersecurity practitioner, cyber/IT auditor or cyber/IT risk advisor for a public accounting firm, a professional services firm or financial services company, or comparable experience as an advisor to a financial services company

  • Experience with at least one of the following types of work related to cybersecurity and technology: a) assessments b) risk management c) compliance and regulations and/or d) internal audit

  • Working knowledge of industry standards (ISO 27001, NIST 800 series), frameworks (NIST Cybersecurity Framework, FFIEC Cybersecurity Assessment Tool) and regulations (GLBA, FFIEC, NY-DFS, SEC, NFA, FDIC).

  • Familiarization with Financial Services Industry Groups such as SIFMA, NAIC and AIMA

  • Availability to travel outside of your assigned office location up to 50% of the time. Successful candidates must work in excess of standard hours when necessary. A valid passport is required.

Ideally, you’ll also have

  • A master’s degree in information systems, computer science, business, accounting, finance or a related discipline

  • CA, CGEIT, CIA, CISA, CISM, CISSP, CMA, CPA or CRISC certification. Non-certified hires are required to become certified to be eligible for promotion to Manager

  • Excellent leadership, teamwork and client service skills

  • Strong written and verbal communication skills and presentation skills

*What we look for *

We’re looking for passionate leaders with strong vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.

What we offer

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.