Risk Consulting-Digital Risk-Manager-Cloud

Pune, Maharashtra
Permanent
Full-time

2 days ago

At EY, we're all in to shape your future with confidence.We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.Join EY and help to build a better working world.Job description - Manager - Cloud (Risk Consulting - Digital Risk)Requisition ID - TBCEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY GDS, you'll have the chance to build a career as unique as you are, with global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY GDS become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.The opportunityThe objective of our Risk Consulting services is to provide clients with a candid and reliable overview of their risk landscape. Our solutions enable clients to build confidence and trust with customers, regulators, and the broader market.Within Cloud Risk and Security, this role focuses on leading engagements that assess, test, and validate cloud security and risk controls across AWS, Azure, and Google Cloud Platform environments. The role involves working closely with IT, cloud engineering, security teams, and business stakeholders to ensure that cloud environments are secure, resilient, and aligned with business objectives and regulatory requirements.Your key responsibilities

Operate as a fieldwork leader, assisting clients in identifying, assessing, and monitoring cloud-related security and technology risks.
Lead and execute cloud security and risk assessments, including control design and operating effectiveness testing across AWS, Azure, and GCP.
Collaborate with engagement teams to plan engagements, develop work programs, timelines, risk assessments, and testing procedures.
Serve as a fieldwork leader by directing daily testing activities, tracking engagement progress, and managing staff performance.
Perform cloud architecture and configuration reviews covering landing zones, identity models, network segmentation, encryption and key management, logging and monitoring, and backup and disaster recovery.
Assess cloud governance and security controls aligned to shared responsibility models and industry frameworks.
Prepare high-quality deliverables, reports, and recommendations aligned with US work product quality standards.

Skills and attributes for success

Strong fundamentals across cloud risk and cloud security, with hands-on experience across AWS, Azure, and Google Cloud Platform.
Strong audit mindset with the ability to design, execute, and evidence control testing across cloud environments.
Proven experience leading cloud security audits, risk assessments, architecture reviews, and maturity assessments.
Practical experience assessing controls related to identity and access management, network security, encryption and KMS, logging and monitoring/SIEM, backup and disaster recovery, and data protection.
Experience with containerized and cloud-native environments, including Kubernetes, serverless, and workload security.
Proven ability to lead multi-location teams, manage delivery risks, and deliver high-quality outcomes within agreed timelines and budgets.
Strong written and verbal communication skills in English (non-negotiable).
Ability to manage time effectively and work in US time zones, as per project needs.
Exposure to cyber-related risk or security activities is an added advantage.

Behavioral Skills

Demonstrates adaptability and agility, with a strong commitment to continuous learning across cloud platforms and emerging technologies.
Exhibits end-to-end engagement leadership, delivering cloud security audits and risk assessments across complex environments.
Brings an innovation-oriented mindset, leveraging automation and analytics to enhance control testing efficiency and continuous monitoring.
Actively contributes to practice-building initiatives, including development of accelerators, tools, and reusable assets.
Proven ability to lead, mentor, and guide teams to deliver high-quality outcomes.
Communicates effectively and manages stakeholder expectations across technical and business audiences.

To qualify for the role, you must have.

Bachelor's or Master's degree with 7-12 years of total experience, including 3-5 years in cloud security or cloud risk roles.
Cloud security certifications such as CCSP or CCSK, AWS Security Specialty, Azure Security Engineer, or equivalent.
Demonstrated experience in cloud security audits, risk assessments, architecture reviews, and control testing.
Experience designing and assessing controls across identity and access management, network security, encryption and KMS, logging and monitoring, backup and disaster recovery, and data protection.
Familiarity with regulatory frameworks and compliance standards such as ISO 27001, NIST CSF, SOC 2, PCI DSS, and privacy expectations.
Client-facing experience working with engineering, security, and risk stakeholders.

Ideally, you'll also have

Exposure to container security, Kubernetes, Zero Trust concepts, SASE/SSE, CASB, or cloud-native security tooling is preferred.
Experience supporting regulated industries or large-scale cloud transformations or migrations is an added advantage.

EY | Building a better working worldEY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Apply Now