Job
Description
As Technology Risk Assurance Manager, you ll actively establish, maintain and strengthen internal and external relationships. With the guidance of partners, directors and senior managers, you ll identify potential business opportunities for EY. Drawing on your knowledge and experience, you ll provide innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs and contribute to thought leadership. You ll actively contribute to improving operational efficiency on projects and internal initiatives. In line with our commitment to quality, you ll consistently drive projects to completion and confirm that work is of high quality. Your role in leading teams - or parts of teams - on engagements will depend on the size of engagement. When working on engagements, you ll report to higher levels of management, who will expect you to anticipate and identify risks, and raise any issues with them as appropriate. As an influential member of the team, you ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Client responsibilities Participate in Risk Assurance engagements Help manage the financial aspects of engagements by organizing staffing, tracking fees and communicating issues to project leaders Participate in business development initiatives Build strong internal relationships within EY Advisory Services and with other services across the organization Stakeholder management People responsibilities Develop people through effectively supervising, coaching, and mentoring staff Conduct performance reviews and contribute to performance feedback for staff Contribute to people-related initiatives including recruiting, retaining and training IT Risk and Assurance professionals Maintain an educational program to continually develop personal skills of all staff Understand and follow workplace policies and procedures Requirements (including experience, skills and additional qualifications) Technical skills requirements Preferably B.E/B.Tech (Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA with atleast a minimum of 6-9 years You ll have knowledge and experience of a number of the following areas, and be developing deep experience and technical competence in at least one Financial Audit IT Integration/ IT control testing experience Service Organization Controls Reporting (SOCR - SSAE 16 // ISAE 3402) SOC 1, 2, & 3 Reporting IT governance and risk Control frameworks such as COSO Enterprise risk services with a specific focus on IT, and related industry standards IT risk management framework Common IT governance and control industry frameworks, including CObIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices IT industry frameworks such as ITIL and CMM Project risk Robust understanding of program and project management practices Familiarity with a typical IT systems development life cycle Experience in developing technical skills specific to a solution, e.g., SAP, Oracle, CRM Proven business process/analysis skills IT assurance and compliance A broad appreciation of business processes, data structures, IT applications and infrastructure, IT processes, and governance and internal control principles. Depending upon your specific area(s) of focus, you ll have additional skills and knowledge in IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX Internal audit services with a specific focus on IT, and related industry standards Common IT governance, control and assurance industry frameworks, including CObIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices IT industry frameworks such as ITIL and CMM Infrastructure Technically enabled IT /business transformation, program and project delivery, design, architecture and solution design, information management, implementation, operations, and management of IT infrastructure Strong technical or security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT Experience of security testing methods and techniques including network, operating and application system configuration review Applications Application controls and security experience security modeling sensitive access and SoD testing controls testing Process systems and integrity, including risks and controls within business processes (manual, automated, security) Change management Project management and program management office (PMO) experience Office skills/experience, e.g., Excel and Access Additional requirements Demonstrated track record with a blue chip consulting organization and/or a blue chip organization Demonstrated experience in business job descriptions development and account management Strong academic record including a degree Relevant professional qualifications such as CISA, CA, CIA
