Senior Consultant - Technology Risk

Overview

EY is looking to add GCC nationals and qualified female professionals to its MENA team across several GCC locations. The role offers an opportunity to make a direct client impact, contribute meaningful insights, and work within a globally connected, diverse organization.

The hiring approach supports regional nationalization priorities and EY’s broader commitment to gender diversity, inclusion, and a welcoming workplace culture.

Key Responsibilities

This position is centered on delivering engagements with very little supervision. The consultant will also assist senior leaders with proposals, presentations, and other business development work, while taking ownership of the quality and delivery of final client reports.

• Lead and execute client engagements independently with minimal oversight.
• Support the preparation of proposals, presentations, and business development materials.
• Ensure that client deliverables and final reports meet EY quality standards.
• Bring proven experience in technology risk engagement delivery.
• Work across technology risk, IT, and cybersecurity domains to support client needs.

Technical Background and Domain Expertise

• Knowledge of governance and risk frameworks such as COBIT, ITIL, NIST, ISO 27001, information security principles, policy drafting, and risk assessments.
• Hands-on experience in IT systems audits, including audit planning, execution, evaluating complex environments, identifying control gaps, and presenting findings clearly.
• Understanding of internal controls over financial reporting, including ITGCs, ITACs, SOX-related requirements, and support for financial audits in coordination with auditors.
• Familiarity with business applications and platforms such as SAP, Oracle, Microsoft Dynamics, operating systems, and databases.
• Working knowledge of business continuity planning, disaster recovery principles, business impact analysis, recovery strategy design, and testing of continuity plans.
• Solid grasp of cybersecurity fundamentals, including common threats, vulnerabilities, and core security concepts.

Skills and Attributes

• Strong analytical and problem-solving ability.
• Effective verbal and written communication skills.
• Confident presentation and stakeholder management skills.
• Project coordination and organizational capability.
• Leadership presence with a client-focused approach.
• Ability to contribute to business development efforts.
• Comfort working both independently and as part of a team.

Qualifications

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related discipline.
• Professional certifications such as CISA, CISSP, CISM, or ISO 27001 Lead Auditor are preferred.
• At least 3 to 5 years of experience in IT audit, information security, or a closely related area.
• Practical knowledge of ITGC/ITAC, security frameworks, and cybersecurity best practices.

What EY Offers

EY provides future-focused development, global experience, and a flexible environment designed to support professional growth. The firm emphasizes an inclusive culture, globally connected teams, and strong career development opportunities.

Additional Information

Applicants who may need disability-related adjustments or accommodations during recruitment are encouraged to share those needs as early as possible so the process can be made equitable and inclusive.

About EY

EY helps clients build confidence in the future by creating value for people, society, and the planet while strengthening trust in capital markets. Backed by data, AI, and advanced technology, EY teams work across assurance, consulting, tax, strategy, and transactions in more than 150 countries and territories.