Apply now »

Senior Consultant, Technology Risk - IT Risk & Assurance - Birmingham

Location:  Birmingham
Other locations:  Primary Location Only
Salary: Competitive
Date:  Jan 4, 2022

Job description

Requisition ID:  306081

Senior Consultant, Technology Risk – IT Risk & Assurance

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.  


Technology provides businesses with the potential to deliver new services, operate in new markets, and change the way they operate. With these opportunities come risks. 
The opportunity
As a leading independent provider of risk advisory services, EY supports organisations in managing their risks, exploiting opportunities and operating effectively. IT Risk and Assurance (ITRA) sits within EY’s Risk business and forms part of our broader Business Consulting practice.


Our clients seek independent advice and assurance on diverse issues including design and operation of their internal controls, security of their business critical systems, delivery of major IT enabled programmes, their relationships with third parties, and their management, stewardship and ability to exploit business critical data.
We are looking to recruit a Senior Consultant who can work directly with clients to help them understand and address risks associated with the technologies that support their business.  



Your key responsibilities
Your primary responsibility will be to plan and deliver IT risk and control advisory engagements. Depending upon the size and complexity of the engagement, you may lead a small team or carry sole responsibility for technical delivery.  

Examples of IT risk and control advisory engagements include:

  • Assessing clients' IT environments and IT-related business processes that support the financial statements to determine the extent to which reliance can be placed on the internal control environment
  • Identifying and remediating control and performance gaps compared to leading practice, helping clients gain stakeholder buy-in, reducing risk, and increasing value and visibility of IT cost
  • Assisting organisations in identification and management of information security risks by assessing the current state, prioritising improvements and conducting projects to reduce risk and improve regulatory compliance 


Within the context of client engagements, specific responsibilities include: 

  • Planning, budgeting and delivering engagement for review by ITRA Managers or Senior Managers 
  • Gaining an understanding of the clients' IT applications and infrastructure to determine the effectiveness of the control environment through performing and reviewing process walkthroughs 
  • Reviewing detailed analysis of the control environment to gain assurance over effective operation of controls 
  • Identifying control weaknesses and any mitigating controls 
  • Reviewing working papers and supporting evidence in line with internal compliance requirements 
  • Effectively articulating control findings to key client stakeholders.



Skills and attributes for success
Delivering either assurance or advisory services in a selection of the following areas:

  • IT risk, control and audit: 
    • S4/HANA Finance, Oracle, Hyperion, Dynamics, mid-tier accounting packages
    • Database systems e.g. DB2, Sybase, RDS, OS/400, Oracle
    • Operating systems e.g. OS/400, Windows, Unix (AIX, HPUX, Red Hat, Solaris)
    • SOx404 process control mapping (for risks and controls), IT testing, IT test and exception handling documentation, IT risk and control improvement
  • Core General Audit Management (GAM) (plus compulsory training and certification): audit planning, audit documentation (subject to inspection), audit testing including exception handling, use of GAM, use of Canvas, integration with Audit
  • ITPRM: Process controls, IT General Controls (ITGC), SOD controls, migration risks and controls, HYpercare controls, interface controls, IPE controls
  • SOCR: ISAE3402 frameworks, SSAE16 frameworks, COSO, COBIT, sampling, control descriptions, testing, exception handling, reporting


To qualify for the role you must have

  • Experience working in an IT risk and control environment at Senior Consultant level or equivalent
  • Consulting background and successful track record in Internal and/or External IT Audit 
  • You will be able to understand how to assess core IT-related controls 



Ideally, you’ll also have

  • IT general and application controls experience relating to SAP and/or other Enterprise Resource Planning (ERP) systems
  • Implementation assurance experience relating SAP and/or other ERPs
  • Ability to work in challenging, diverse, and evolving client environments with the utmost professionalism
  • Previous team and/or project leadership is desirable
  • Ability to build strong client relationships
  • Strong team working, presentation and facilitation skills plus excellent verbal and written communication 



What we look for

We are looking for high performing individuals with the passion and commitment to grow our practice and eventually become a Partner in our business. As an ambassador for the ITRA team, you will need to build a strong network internally and be able to exceed our clients' high expectations.  


What we offer
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.


We offer a competitive remuneration package. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

  • Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
  • Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
  • Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
  • Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.


If you can demonstrate that you meet the criteria above, please contact us as soon as possible.


The exceptional EY experience. It’s yours to build. 


Apply now.


Please note: Prior to finalizing your application, you will be asked to provide personal information across several dimensions of diversity and inclusiveness. The information you provide is kept entirely confidential and will not be used to evaluate your candidacy. We collect this data to help us analyse our recruitment process holistically and implement actions that promote diversity and inclusiveness. While optional, we encourage you to provide this information to hold us accountable towards our goal of building a better working world. We ask because it matters! 


Apply now »