At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
JOB DESCRIPTION - Manager – FS TR - ITC – Tech Risk
Job Summary
As a TR-ITC manager, you'll contribute technically to Risk Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with stakeholders as required.
In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer (client/onshore). As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Your key responsibilities
Participate in IT Risk and Assurance engagements.
Proficiency in using audit software tools, data analytics techniques, and IT auditing techniques. Strong analytical skills are necessary for interpreting technical data, identifying patterns, anomalies, and areas of concern.
Understanding of regulatory requirements and industry standards related to IT governance, data protection, privacy, and cybersecurity, including regulations such as GDPR, HIPAA, PCI-DSS, and industry frameworks like COBIT and NIST Cybersecurity Framework.
Knowledge of IT governance principles, structures, and processes to ensure that IT activities align with business objectives, comply with regulations, and mitigate risks appropriately.
Proficiency in identifying, assessing, and managing IT-related risks to ensure that adequate controls are in place to mitigate potential threats to the organization's information assets, systems, and operations.
Familiarity with IT auditing principles, techniques, and tools to assess the effectiveness of IT controls, identify control deficiencies, and recommend remediation actions.
Proficiency in understanding IT systems, networks, applications, and infrastructure to design and implement controls effectively, including knowledge of common technology platforms, such as operating systems, databases, cloud services, and cybersecurity tools.
Strong project management skills for planning, coordinating, and executing internal control initiatives effectively, including managing resources, timelines, budgets, and deliverables.
The ability to lead and mentor a team of IT control professionals, providing guidance, support, and development opportunities.
Building and maintaining effective relationships with key stakeholders, including senior management, IT leadership, internal auditors, external auditors, and regulatory authorities.
Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress.
Skills and attributes for success
Experience in application controls and Information security experience.
Ability to build relationships with key stakeholders across different levels of seniority.
Strong written and verbal communication skills.
Conduct performance reviews and contribute to performance feedback for the team.
To qualify for the role, you must have
Preferably Bachelor's degree in Finance/Accounting, Electronics, Electronics & Telecommunications, Computer Science, MBA, M.Sc., or CA.
Minimum of 7-8 years of experience in internal controls and Internal Audit.
Enterprise risk services with specific focus on IT and related industry standards.
IT Risk Assurance framework.
Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX.
Preferred security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems.
Familiarity with IT analysis, delivery and operations methods, including ITGC, ITAC, SDLC, PAM and CM.
Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT.
Experience of security testing methods and techniques including network, operating and application system configuration review.
Application controls and security experience, including sensitive access and SOD testing, controls testing, and knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc.
Preferred Certifications: CISA.
What we look for
We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors.
What working at EY offers
At EY, we're dedicated to helping our clients, from start-ups to Fortune 500 companies, and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
Support, coaching and feedback from some of the most engaging colleagues around.
Opportunities to develop new skills and progress your career.
The freedom and flexibility to handle your role in a way that's right for you.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
#J-18808-Ljbffr