Senior Cybersecurity AI Risk and Governance Consultant

Description

Location: Katowice - 2 days office / 3 days remote Let us introduce you the job offer by EY GDS Poland – a member of the global integrated service delivery center network by EY. The opportunity As a Senior Consultant within our Cybersecurity, Risk, Compliance & Resilience (CRCR) competency, you will support EY clients in the design, assessment, and implementation of AI governance and AI risk management frameworks, enabling the responsible, secure, and compliant adoption of AI across the enterprise. What we look for We look for professionals who can bridge technology, risk, and regulation with confidence to shape secure and compliant AI. You bring a strong risk mindset, curiosity about emerging AI technologies, and the ability to turn complex AI risks into clear, practical guidance for cybersecurity leaders. Above all, you’re motivated to help organizations innovate responsibly while meeting the highest standards of governance and trust.

What we offer

• EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across nine locations – Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

Ideally, you’ll also have

• One or more certificate from the following: AAISM, AAIR, ISO/IEC 42001 Lead Implementer, CISSP, CISM, CRISC, ISO/IEC 27001 Lead Implementer, ISO/IEC 27005 Risk Manager, or any other recognized and equivalent certification in risk management, and cybersecurity governance

Skills and attributes for success

• Minimum 5 years of experience in cybersecurity or emerging technology risk management or governance, with hands-on experience or strong exposure to AI-related governance and risk topics, including but not limited to:

Your key responsibilities

• As Senior Cybersecurity AI Risk and Governance Consultant, you will help organizations evaluate the maturity, effectiveness, and compliance of AI systems against emerging AI regulations, ethical principles, and industry standards, aligning AI initiatives with business strategy and regulatory expectations.

• In addition to governance and compliance assessments, you will lead or contribute to AI risk identification, risk assessment, and risk treatment activities, including AI security risks, model risks, data risks, and third‑party AI risks. You will support the development of AI control frameworks, operating models, and AI risk mitigation plans, ensuring that AI-enabled solutions remain trustworthy, transparent, and resilient.

To qualify for the role, you must have

• Excellent command of the English language, other European language would be an asset

• Analytical and problem-solving ability, ability to work effectively as a team member or as individual contributor, observant with an eye for detail

• Ability to develop, review, and challenge AI-related policies, standards, procedures, and control designs

• Confidence in communicating complex AI risks, regulatory requirements, and technical concepts to non-technical audiences, including executive management

Designing and assessing AI governance frameworks, policies, and controls aligned with regulatory and ethical requirements

• Performing AI risk assessments, including risks related to model risk, data quality and data privacy, AI security threats

• Assessing conformity with standards, regulations, and frameworks

• Supporting the implementation of risk treatment and control remediation plans for AI systems

• Experience or understanding of Third-Party Risk Management (TPRM) in the context of AI vendors, foundation models, and AI solutions

• Strong understanding of emerging AI regulatory risks and being able to recommend effective control solutions

• Exceptional stakeholder management and leadership skills, including guiding junior risk analysts and engaging with senior client stakeholders

Experience working with AI governance operating models, including roles and responsibilities, oversight forums, and lifecycle controls

• Knowledge of AI-related regulatory requirements, including EU AI Act, GDPR in AI context, DORA and NIS2, where applicable to AI-enabled environments