Risk Consulting - Cyber Risk - Senior Consultant - Multiple Cities

Location: Chicago

Other locations: Anywhere in Region

Date: Sep 24, 2025

Requisition ID: 1513979

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

The opportunity: Our consulting risk services provide clients with a candid and reliable overview of their risk landscape. Our solutions help clients build confidence and trust with customers, the broader market, and where required by regulation or contract. For our Cyber Risk services, the ideal candidate will be responsible for identifying, evaluating, and managing cyber risks across the organization, working with IT, security teams and business units to align cyber risk posture with business objectives and regulatory requirements.

You will operate as a fieldwork leader to assist clients in employing proper information systems, resources, and controls to maximize efficiencies and minimize risk. You will work with client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and will assist clients and other Risk Assurance professionals in performing information technology control and security engagements.

• Collaborate with the engagement team to plan the engagement, develop work program timelines, risk assessments, and other planning documents. Document business processes dependent on information technology. Serve as a fieldwork leader by directing daily fieldwork progress, informing supervisors of engagement status, and managing staff performance.
• Demonstrate and apply a thorough understanding of complex information systems. Use knowledge of the current IT environment and industry IT trends to identify engagement and client service issues, and communicate this information to the engagement team and client management in writing and verbally. Demonstrate strong project management skills and teamwork, and use current technology to enhance deliverables.
• Conduct comprehensive cyber risk assessments to identify vulnerabilities, threats, and potential impacts.
• Develop and implement risk mitigation strategies and controls to protect against cyber threats.
• Collaborate with IT and security teams to ensure cybersecurity policies and procedures are up-to-date and effectively implemented.
• Monitor the cyber threat landscape and provide timely intelligence to relevant stakeholders.
• Facilitate risk management discussions with business leaders to ensure understanding of cyber risk exposure.
• Oversee the cyber risk management lifecycle, including risk identification, analysis, response, and monitoring.
• Coordinate with external partners, such as insurance providers and cybersecurity firms, to manage and transfer cyber risks where appropriate.
• Prepare and present risk reports and dashboards to senior management and the board of directors.
• Ensure compliance with relevant laws, regulations, and industry standards related to cybersecurity and data protection.
• Conduct training and awareness programs to promote a culture of cybersecurity across the organization.

To qualify for the role you must have

• A bachelor’s or master’s degree
• Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field
• Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable
• Minimum of 2 years of experience in cybersecurity, risk management, or a related role
• Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements
• Proven experience in risk assessment methodologies and tools
• Excellent analytical and problem-solving skills
• Strong communication and interpersonal skills, with the ability to convey complex information to non-technical stakeholders
• Ability to work independently and as part of a team in a fast-paced environment
• Willingness to travel outside of the assigned office location at least 50% of the time, plus commute within the region (public transportation may be limited). Successful candidates must work in excess of standard hours when necessary. A valid passport is required

• A bachelor’s or master’s degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
• CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certification is desirable; non-certified hires are required to become certified to be eligible for promotion to Manager
• Additional cloud-based certifications (not currently meeting the certification requirement above): CCSP, CCSK, CCAK, Microsoft Certified: Azure Fundamentals, AWS Certified Cloud Practitioner, Google Cloud Digital Leader

We’re looking for passionate leaders with strong vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you.

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on performance. Salary ranges: US locations $84,400–$154,700; NYC Metro, WA, CA (excluding Sacramento) $101,300–$175,800. Total Rewards include medical and dental, pension and 401(k), and various paid time off. Flexible vacation policy lets you decide vacation time based on personal circumstances, with EY holidays and other leaves as needed for well-being.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide tools and flexibility so you can make a meaningful impact, your way.
• Transformative leadership: We’ll provide insights, coaching and confidence to be a leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY accepts applications on an ongoing basis. If you meet the criteria, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

For those living in California, please click here for additional information.

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.

EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you need assistance applying online or to request an accommodation during any part of the application process, please call 1-800-EY-HELP3 or email EY’s Talent Shared Services Team.

EY refers to the global organization and may refer to one or more of the member firms of Ernst & Young Global Limited, each a separate legal entity. Ernst & Young Global Limited does not provide services to clients.

Provider

Description

Enabled

SAP as service provider

• "route" is used for session stickiness
• "careerSiteCompanyId" is used to send the request to the correct data center
• "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor