Risk _ Technology Risk_ Non Fso_senior Job in Ernst & Young Global Limited

EY- Consulting - Technology Risk Senior

As part of our EY- ConsultingTechnology Risk team youll contribute technically to IT Risk and Assuranceclient engagements and internal projects. An important part of your role willbe to actively establish, maintain and strengthen internal and externalrelationships. Youll also identify potential business opportunities for Ernst& Young within existing engagements and escalate these as appropriate.Similarly, youll anticipate and identify risks within engagements and shareany issues with senior members of the team.

The opportunity

Were looking for Senior Consultant to jointhe leadership group of our EY-ConsultingTechnology Risk Team. This is a fantastic opportunity to be part of a leadingfirm whilst being instrumental in the growth of a new service offering.

Your keyresponsibilities

Participate in ITRisk and Assurance engagements

• Work effectively as ateam member, sharing responsibility, providing support, maintainingcommunication and updating senior team members on progress

• Help prepare reportsand schedules that will be delivered to clients and other parties

• Develop and maintainproductive working relationships with client personnel

• Build strong internalrelationships within Ernst & Young Consulting Services and with otherservices across the organization

• Obtain and reviewevidence of compliance for adherence to standards

• Obtain evidence andperform SOD analysis

• Collaboration withother Compliance Analysts to identify overlaps with complementary complianceframeworks

• Key domains ofcompliance controls, including change management, access to systems, networksand data, computer operations and systems development.

• Driving necessarysystem and process updates across key domains of compliance

• Management of ITsecurity and IT risk (e.g., data systems, network and applications) across theenterprise.

• Assist with thedevelopment of policies, procedures and standards that meet existing and newlydeveloped policy and regulatory requirements

• Assist withfacilitating IT security/risk training curriculum.

• Work closely withcross-functional teams and develop strong relationships as project lead withinIT security and GRC projects.

• Stay current with andpromote awareness of applicable regulatory standards, upstream risks andindustry best practices across the enterprise

• IT audit in thecontext of a financial audit, and related regulations, auditing standards andguidelines

• Control frameworkssuch as COSO, internal control principles and related regulations including SOXand J-SOX

• Internal auditservices with a specific focus on IT, and related industry standards

• Common IT governance,control and assurance industry frameworks, including COBIT, Risk IT, ValIT, ITGovernance Institute and ISACA good practices

• IT industryframeworks such as ITIL and CMM

• Third party reportingstandards (particularly SSAE16), other reporting and industry specificstandards and, if applicable, trust-based standards such as SysTrust andWebTrust

  Skills andattributes for success

• Experience inevaluation of sensitive access and SOD based on business risks/ industry bestpractice risks for multiple ERPs.

• Experience increation of SOD rulebooks based on the client business processes and applications

• Experience in roleredesign based on the violations identified during the SOD tests.

• Application controlsand security experience

• Security modelling

• Process systems andintegrity, including risks and controls within business processes (manual,automated, security)

  To qualify forthe role, you must have

• B.E/B.Tech (CS/ IT, Electronics, Electronics &Telecommunications,)/MBA/M.Sc. with at least 4-6 years of experience

• Control frameworks such as COSO

• Enterprise risk services with a specific focus onIT, and related industry standards

• IT risk management framework

  Ideally, youllalso have

• Robustunderstanding of program and project management practices

• Familiaritywith a typical IT systems development life cycle