IT Audit - Senior Associate at EY

The opportunity 

Our structured career framework means you’ll continue to develop, whatever level you’re at. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Your key responsibilities 

Our IT Risk & Assurance services are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance. In addition to assurance-related engagements such as financial attestation and ISAE 3402 engagements, our IT risk advisory services focus on IT governance and effectiveness; IT program management and assurance; security and controls of Enterprise Resource Planning (ERP) implementations; and business intelligence and information analysis. We are currently offering positions in the following areas:

• Application Risk & Controls practice

• Information Management and Analysis Services practice

• Financial Services Technology Risk and IT Regulatory Services

In your role as a Risk Assurance Associate, you’ll:

• Effectively manage and motivate client engagement teams with diverse skills and backgrounds.

• Consistently deliver quality client services and manage expectations of client service delivery.

• Drive high-quality work products within expected timeframes and on budget.

• Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.

• Stay abreast of current business and industry trends relevant to the client's business.

• Develop and maintain long-term relationships and networks with clients and internal EY stakeholders - Demonstrate deep technical capabilities and professional knowledge.

• Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge. - Remain current on new developments in advisory services capabilities and industry knowledge.

Skills and attributes for success 

• Working experience on at least two (2) full cycles of access control framework definition, security role design, remediation and implementation for ERP solutions such as SAP and Oracle. 

• Working experience in performing business process controls review, access controls review (e.g., segregation of duties) and project risk assessments in an ERP environment.  Having experience in continuous controls monitoring and controls optimization type of work would be an advantage.

• In-depth knowledge on key risks and expected controls (including compensating controls) in one or more business processes (e.g., procure to pay, and financial statement close)

• Understanding of and/or implementation experience with a variety of GRC tools (e.g., SAP GRC and Oracle ICM)

To qualify for the role, you must have:

• A recognized university degree in accounting, business, information technology, engineering, mathematics or other relevant discipline

• At least 4 years of relevant consulting or industry experience, preferably in a professional services environment or MNC.

• Candidates who possess professional certifications such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and / or Certified Fraud Examiner (CFE) are highly encouraged to apply.

• Proficiency with Microsoft Excel, Access, Word, and PowerPoint

• Strong analytical, interpersonal, communication, writing and presentation skills

• Demonstrates integrity, values, principles, and work ethic

• Willingness to travel on overseas assignment as the need arises

Ideally, you’ll also have 

Application Risk & Controls

This practice focuses on enterprise IT application assessment, Governance, Risk and Compliance (GRC) technology assessment, IT Application and Tool Implementation. We deliver valuable insights and enable better business decisions through improved quality of information.

What we look for 

More than anything, we’re interested in people with the right attitude for the job! That’s naturally entrepreneurial people that feed on the energy of a thriving global team. You’ll need a balance of technical and analytical skills, a creative approach to work and strong communication skills. Put simply, if you’ve got big ideas on how we can do better, as well as the confidence to voice them, this role is for you.