Compliance and Vulnerability Management Product Manager

Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust.

Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entre security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.

The opportunity

Security Technology Services (STS) organization, a part of Information Security, enables over 330,000 individuals across 140+ countries to access systems and information securely. As a member of the Security Technology Services (STS) team, the Product Manager partners closely across the entire (STS & Information Security) organization and outward to our customers to drive the delivery, adoption and management of internal information security products and services. This includes, introduction and enhancements of security services, service reviews, service improvements, service transition and readiness, product roadmaps, and other activities as identified pertaining to end-to-end service management. The successful candidate will be a superb people coach and communicator who is proficient at articulating priorities and developing relationships to drive service adoption for internal security technology offerings.

Your key responsibilities

• Advocate for our internal customers and addresses business challenges
• Educate and strategically advise stakeholders on the unique value propositions generated from products and services, customized to specific business needs and challenges.
• Oversee the relationship with external vendors and suppliers to ensure a stable supply chain, support relationship, and to leverage these relationships for future business needs. This includes tracking, evaluating, and addressing vendor performance against agreed-upon service level agreements (SLAs) and key performance indicators (KPIs), developing sourcing strategies that align with business goals, negotiating terms and conditions as well as managing ongoing contract compliance, and working to optimize costs associated with vendor services and products.
• Coordinate with Procurement and EY teams to raise contract renewals, ensuring timely renewal with no lapse in coverage.
• Ensure service introduction, transition, and readiness activities are being delivered for internal security protection services portfolio, and work to incorporate into the Service Catalog.
• Drive early adoption of the product portfolio by establishing and build relationships to retain engagement throughout the life of the service offering
• Collaborate to define metrics, monitor usage and manage metric reporting across STS product portfolio demonstrating product effectiveness and value proposition of STS security services portfolio.
• Gather product feedback from stakeholders and vendors to drive product strategies, as well as roadmaps, with STS Architecture and Engineering.
• Drive service review discussions with vendors and stakeholders providing measurements on usage, performance and effectiveness of service offerings.
• Drive service improvement and product compliance initiatives for product portfolio.

Skills and attributes for success

• Experience driving products throughout stages of its lifecycle from its conceptualization to market entrance and eventual phasing-out, including the ideation, planning, budgeting, forecasting, marketing and management.
• Experience with risk and incident management, the latest security vulnerabilities, advisories, understanding of attacks, and determination of countermeasures
• Security experience managing the identification and remediation of vulnerabilities within large software systems
• Knowledge of Governance, Risk & Compliance (GRC) efforts to support our Information Security and Compliance goals and objectives.
• Understanding of core Information Security principles and experience driving product strategies and roadmaps for information security products
• Experience in managing data security technologies, regional and global infrastructures including Cloud, and IT's overall technical operating environment to support proper recognition and potential impact of new product or service introductions
• Knowledge of information security systems and best practices, cybersecurity operations, governance, assurance and compliance
• Experience with developing C-Level reporting, participating in and driving discussions with senior leaders, and driving improvement action
• Strong analytical acumen and solution orientation to influence and guide teams and leaders in the organization in support of avoiding financial, operational, and security risks to EY and our customers.
• Build and maintain strong relationships across all levels of a matrixed, geographically and culturally dispersed organization
• Effective communication and analysis skills to break down complex issues, formulate solutions, and influence partners at various levels of the organization including senior and/or executive management.

To qualify for the role you must have

• Degree in Computer Science or equivalent work experience
• 7+ years in working with information security technology products and service offerings
• Experience in enterprise security tool implementations
• Experience in product management, service introduction, and service readiness processes

Ideally, you’ll also have

• Security certification such as CISSP or CISM preferred
• ITIL v3 Foundation Certification a plus

What we look for

• Deep critical thinking skills demonstrating analytical and systematic approach to problem solving
• Experience working in a global virtual environment
• Excellent verbal and written communication skills, including preparation and delivery of presentations
• Good judgment, tact, and decision-making ability
• Ability to understand and integrate cultural differences and motives and to work with cross cultural teams.
• Ability to deal with ambiguity and change, and exercise appropriate time management to meet objectives
• Ability to work autonomously but also within a team environment where vital

What we offer

As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:

• Continuous learning: You will develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way.
• Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs.

We ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodations.

EY is committed to being an inclusive employer, and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world.

Apply now.