Assistant Manager - Risk Consulting - Digital Risk

Assistant Manager Digital Risk

From small businesses to some of the worlds best-known brands our tailored services help build trust and confidence through transparency clarity and consistency for our clients across the MENA region. Our MENA clients look to us for advice and services they can trust every time. You will use your professional skills and experience to make it happen by supporting our MENA based EY Member Firms to serve clients in the MENA region across a broad range of industries and responsibilities.

Within the MENA region we are actively engaged with all sectors of the economy and actively supporting the vision of national leaderships especially in the GCC countries. We are dedicated to help our clients in all sectors anticipate the uncertainty they face in doing their business and work closely with them to help effectively manage the Risk. Technology is a major component underpinning the need to serve increasing demands of our MENA clients in their sophisticated technology environments.

As organizations look to leverage the advantage technology offers well work with you to develop the consultancy and analytical skills that youll need in todays environment. Working on projects that cross borders and sectors the experiences you gain here will be more valuable than anywhere else.

The opportunity

EY is recruiting for a Assistant Manager join our Digital risk team at various offices across MENA. You will be responsible to serve our clients as part of our teams across MENA offices. This position brings significant travel opportunities since EY operates a regional model with all consultants operating as one team across the region.

Your key responsibilities

As Assistant Manager you will be required to work effectively as a team member draw on your knowledge and experience to solve complex issues and support the MENA local Partner(s) and senior executives and build relationships with MENA internal clients and peers.

As an Assistant Manager

• Everything you will be involved in comes down to providing excellent customer service and helping our teams do the same. Whether it is working with multiple client teams advising the clients on IT Risk related matters or assisting executives with business development activities across various sectors you will build strong relationships and become a trusted advisor to your MENA clients.

• You will participate in MENA engagements working effectively as a team member providing support maintaining communication and updating senior team members on progress. You will assist in client service delivery participate in all assigned tasks and assist in preparing reports that will be delivered to clients and other parties.

Skills and attributes for success

Proactivity accountability and results-driven people will flourish in this environment. Dealing with competing priorities understanding how to manage resources and communicating effectively are key skills. This will have a huge impact on those around you and help promote a positive work ethic.

To qualify for the role you must have.

• Bachelors or masters degree in computer science information systems or a related discipline. Alternatively a degree in business accounting finance with additional IT qualifications.
• 5 years of relevant experience of working as IT risk consultant or an IT auditor for a public accounting firm professional services firm technology company telecom company or a financial services company or comparable experience as an IT/IS consultant.
• Relevant experience areas include but not limited to IT Risk assessment and management Digital Trust Mobile Technology assessments Emerging Technologies (Robotics IoT Cloud and Blockchain) ERP control validations (SAP Oracle MS Dynamics) systems and networking technologies IT/Business process and internal control assessments internal audit engagements external audit integration application of data analytics and/or third-party reporting etc.

Cybersecurity Privacy & Data Protection Compliance:

• Lead and perform Privacy Impact Assessments (PIAs) Data Protection Impact Assessments (DPIAs) Legitimate Interest Assessments (LIAs) and Transfer Impact Assessments (TIAs).
• Maintain and update the Records of Processing Activities (RoPA) in compliance with GDPR and other data protection laws.
• Ensure cross-border data transfers comply with legal mechanisms (e.g. SCCs BCRs adequacy decisions).
• Develop implement and maintain comprehensive privacy and cybersecurity programs aligned with international standards including ISO 27001 ISO 27701 and NIST Cybersecurity Framework 2.0 (CSF).
• Ensure compliance with regional regulations such as Dubai Information Security Regulation (Dubai ISR) and UAE Information Assurance Requirements (UAE IAR) supporting both privacy and cybersecurity mandates

Security & DLP Implementation:

• Work with the team to design implement and manage and access Data Loss Prevention (DLP) technologies and policies across endpoints cloud and email systems.
• Collaborate on securing personal and sensitive data through encryption access control and secure storage practices.
• Collaborate with Security Operations Center (SOC) for real-time investigation of: Data exfiltration attempts Unauthorized access to sensitive folders or file shares Lateral movement involving high-value data.
• Drive the implementation and validation of Business Continuity Management (BCM) and Incident Response (IR) plans specifically addressing privacy breaches and cybersecurity incidents.

Audits Monitoring & Risk Assessments:

• Plan and execute internal and third-party data privacy audits and cybersecurity risk assessments.
• Conduct cybersecurity maturity assessments to evaluate organizational risk posture identify gaps and recommend remediation in alignment with NIST ISO and UAE frameworks (ISR and IAR).
• Lead or support mobile application security and privacy assessments ensuring secure development lifecycle practices and data protection controls.
• Perform network security assessments including vulnerability analysis and penetration testing coordination to identify potential attack vectors and privacy risks.
• Define and enforce encryption standards (AES-256 at rest TLS 1.2 in transit) Audit encryption coverage in structured and unstructured data stores Work with DevOps to integrate encryption into infrastructure-as-code (IaC) pipelines.
• Collaborate with vendors and partners to assess their privacy posture and complete privacy/security questionnaires.
• Conduct cybersecurity risk assessments for New vendor tools and services (focus: SaaS cloud storage APIs) High-risk internal systems (HRIS CRM analytics platforms) Data pipelines that aggregate personal or behavioural information.

Policy Training & Governance:

• Draft review and maintain policies and procedures relating to data protection privacy and information security.
• Lead company-wide privacy and security awareness training programs.
• Act as a subject matter expert on data privacy and security best practices across teams and departments.
• Fluent Arabic and/or English communication skills at a professional level.
• Strong verbal and written communication with out of box thinking abilities.
• Proficient in MS Office products (Project Word Excel PowerPoint)
• EY is actively looking to enhance the recruitment and retention of nationals and females across all MENA/GCC offices.

Ideally youll also have

• CISA CISSP CISM and/or CIA certification is essential for long-term growth in the role; Based on an individuals professional background area of specialization or industry focus we recognize that other certifications credentials or experience may be more relevant than the listed certifications and therefore may be acceptable.
• Experience of working in a similar role with an international consulting firm
• More operationally focused in working and institutionalizing best practices and process

What we look for

We are interested in professionals who are business savvy with a passion for quality work innovation as well as the motivation to create your own EY journey.

What we offer

We offer a competitive compensation package where youll be rewarded based on performance and recognized for the value you bring to our business. Plus we offer:

• Long-term career: we are a Big-4 global firm operating in almost all countries of the world.
• Continuous learning: Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership: Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: Youll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

The exceptional EY experience. Its yours to build.

EY Building a better working world.

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.