Risk Consulting - Digital Risk - SOX ITGC Senior - Multiple Cities
Job description
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
The opportunity
The objective of our risk consulting service is to support clients with the development, implementation, improvement, and modernization of their compliance programs to address the constantly changing risk and technology landscape. Our solutions can be used by our clients to build confidence and trust with their customers, the overall market, and when required by regulation or contract.
Your key responsibilities
You will operate as a fieldwork leader for engagements to help our clients develop and strengthen their IT compliance programs. You will work directly with clients to review their IT processes and controls, remediate and implement controls, onboard new tools and services into compliance frameworks, and assist with the readiness and adherence for new compliance regulations. Your responsibilities include both in-person and remote oversight and coaching of engagement team members, reporting to both senior engagement team members and client leadership, as well as partnering with our key client contacts to complete the engagement work.
Skills and attributes for success
- Demonstrate and apply a thorough understanding of IT-related risks and controls for complex information systems, i.e. microservice and/or cloud computing environments. Use current technology and tools to enhance the effectiveness of deliverables and services we provide. Remain attentive to current industry trends, and new compliance regulations to enhance the value delivered to our clients.
- Advise clients using your working knowledge of industry frameworks/regulations such as but not limited to: SOX, SOC1/2/3, ISO 27001, FedRAMP, PCI, HiTrust, NIST, CSA, etc.
- Collaborate with other onshore and offshore members of the engagement team both in-person and virtually to plan the engagement, develop project plans and timelines, and manage project health against the project plan.
- Serve as a fieldwork leader by directing the daily progress of fieldwork, informing supervisors and client stakeholders of engagement status, identifying and escalating challenges to supervisors or client stakeholders on a timely basis, and managing staff performance to consistently deliver exceptional client service.
- Demonstrate and apply strong project management skills and inspire teamwork and responsibility with engagement team members to meet or exceed expectations in accordance with agreed upon timelines. Demonstrate a commitment to the development of junior team members by providing clear guidance, providing regular constructive feedback, and embodying the expected gold-standard behaviors.
- Serve as a mentor to junior team members by creating a positive team environment, providing insights on ways to further their development and interests, building genuine relationships, and demonstrating care for their holistic career and personal growth.
To qualify for the role you must have
- A bachelor's or master's degree
- A minimum of 2 years of experience working as an IT risk consulting or IT auditor for a public accounting firm, a professional services firm, or within industry
- Bring your experience in applying relevant technical knowledge in at least one of the following engagements: (a) risk consulting (b) financial statement audits; (c) internal or operational audits; and/or (d) Service Organization Controls Reporting engagements;
- We would expect for you to be available to travel outside of their assigned office location at least 20% of the time, plus commute within the region (where public transportation often is not available). Successful candidates must work in excess of standard hours when necessary. A valid passport is required.
Ideally, you’ll also have
- A bachelor's or master's degree in business, computer science, information systems, informatics, computer engineering, accounting, or a related discipline
- CISA, CISSP, CISM, CPA or CA certification is desired; non-certified hires are required to become certified to be eligible for promotion to Manager.
What we look for
We’re looking for passionate leaders with strong vision and a desire to stay on top of trends in the risk industry. If you have a genuine passion for helping businesses achieve their full potential, this role is for you
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.