IT Risk Management/Ch2 focus Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Job description
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Job summary
IT Risk Management – Technology Assurance - Manager
As Technology Assurance IT Risk Manager, you’ll be responsible for leading the engagement teams and contribute technically to IT Risk Assurance client engagements and internal projects within the company. The role involves assisting the Senior Managers & Directors while actively participating within the client engagement. In line with EY commitment to quality, you will manage risks associated with technology operations and to ensure compliance with regulatory requirements and industry best practices for your clients. As a member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. 

Your key responsibilities are to

• The purpose of this role will be to supervise delivery, provide technical and project leadership to your team members, as well as build relationships with clients. While delivering quality client services and enabling high-performing teams, you will drive high-value work products within expected timeframes and budget. You will monitor progress, manage risks and ensure key stakeholders are kept informed about progress and expected outcomes. Additionally, you will:
• Foster an innovative and inclusive team-oriented work environment. Play an active role in counselling and mentoring junior consultants within the firm.
• Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
• Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business.
• Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels.
• Assist with cultivating and managing business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients.
• Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge.

Skills and attributes for success

• You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. 

To qualify for the role, you must have

• Bachelor’s degree in information technology, Computer Science, Information Systems, (Any B.E/B.Tech course with IT subjects, BCA/MCA, B.Sc.-IT/M.Sc.-IT), MBA in any domain, CA/ACCA, Cybersecurity, or a related discipline
• Passion for technology and an ardent desire to work in risk management.
• Minimum 7 years of a “Big 4” or professional firm or professional industry experience in risks & controls, with more than 5 years of experience in IT Risk Management, IT Regulatory Compliance, IT Audit and IT Transformation Risk areas such as:
  • Identification of strategic, IT & business risks and Identify control gaps, weaknesses and areas of improvements.
  • Design of IT Risk Controls frameworks and RACMs
  • Design and Implementation of IT general controls, IT application controls, Business Process controls, etc. 
  • Conducting IT internal control reviews, and review of SOC1 or SOC2 reports
  • IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML
  • Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc.
  • Understanding of IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS etc.
• Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities.
• Excellent communication, documentation and report writing skills.
• Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant)

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.