Manager, Financial Accounting Advisory Services (Technology Risk), Assurance

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY is the most globally integrated professional services organization which encompasses a separate business unit dedicated exclusively to the financial services marketplace. Join Financial Services (FSO) and you will work with multi-disciplinary teams from around the world to deliver a global market perspective. Aligned to key industry groups including banking and capital markets, wealth and asset management and insurance, we are a leading provider of integrated assurance, advisory, tax, and transaction services dedicated to assisting financial institutions in navigating complex regulatory environments and managing technology risks effectively. We are committed to delivering exceptional service and innovative solutions to our clients. 

About the Opportunity

The financial services industry is faced with unprecedented technology risks and challenges. The ability to identify and address these rapidly evolving technology risks is key to providing assurance to their stakeholders in support of their business performance and compliance to regulations. Our Regulatory services in Technology Risk & Compliance are designed to provide financial regulators and financial institutions with assurance over the design adequacy and operating effectiveness of their IT controls based on industry and regulatory requirements, such as those from NIST and the MAS. 

As an Audit Manager specialising in regulatory assurance services within Technology Risk Management, you will lead and manage engagements to assess and ensure compliance with regulatory requirements and industry standards in information technology for financial institutions. You will oversee a team of professionals to conduct audits, identify areas of risk, assess the technology risk maturity and the design and operating effectiveness of the controls to address relevant technology and cybersecurity risks. You will also provide strategic guidance to clients to enhance their risk management practices and provide recommendations for enhancing controls and processes.  

You will be leading industry and regulatory assessment services that will directly support C-suite discussions and important business decisions regarding compliance and quality of the organisation’s risk management programs. This role helps you build deep and professional knowledge across the various sectors in Financial Services in the Banking and Capital Markets, Wealth and Asset Management and Insurance sector. You will also be part of the high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world.

 
Your Key responsibilities 

• Lead and manage regulatory assurance engagements focusing on technology risk management processes and controls for financial institutions, ensuring the timely and high-quality delivery of services
• Plan, coordinate, and execute audit procedures to assess the overall risk profile of the client, establish areas of assessment focus and thematic risks based on industry and regulatory requirements. Evaluate the effectiveness of internal controls related to IT systems, cybersecurity, data privacy, and regulatory reporting based on regulatory, policy and other relevant stipulations
• Assess the adequacy of risk management frameworks and controls in mitigating technology related risks, including but not limited to operational, security and compliance risks, to identify areas for improvement and enhancement
• Interpret and apply regulatory requirements, standards and frameworks relevant to financial institutions in the context of audit engagements
• Develop comprehensive reports detailing observations and recommendations. Support the presentation of our perspective of identified observations and recommendations to the Board of Directors, Senior Management or other delegate management bodies of the client
• Collaborate closely with clients to understand their business objectives, risk appetite and regulatory obligations, providing strategic insights and guidance tailored to their needs
• Stay abreast of emerging trends, regulatory changes, and industry developments in technology risk management to ensure audit approaches and procedures remain current and effective
• Mentor and develop team members, providing coaching, training, and feedback to support their professional growth and development
• Engage in continuous improvement initiatives to enhance audit processes and tools for increased efficiency and effectiveness

 
You should be comfortable in a client-facing environment, be knowledgeable in the subject matter of technology risk and cybersecurity, and possess strong project management, analytical and team collaboration skills. It is essential that you are able to demonstrate integrity and professionalism in the course of work.
 
Expected Qualifications

• Bachelor Degree in Information Technology, Information Systems Management, Computer Engineering, Computer Science, Cybersecurity or similarly related discipline. Professional certifications such as CISA, CISSP, CISM, is preferred
• Minimum of 5 years of experience in internal or external audit, risk management, or compliance within the financial services industry, with a focus on IT / technology risk management/ cybersecurity. Candidates with experience in internal audit covering technology risks and cybersecurity will be considered
• Deep understanding of technology risks faced by financial institutions, regulatory requirements and standards applicable to financial institutions, and internationally accepted IT or Cybersecurity standards and frameworks (e.g. NIST, COBIT, ITIL, ISO 2700x), with the ability to interpret and apply them effectively
• Having proven track record of leading and managing regulatory assurance engagements, including planning, execution and reporting will be advantageous
• Strong analytical, problem-solving and communication skills, with the ability to coney complex technical concepts clearly and persuasively
• Excellent project management and leadership skills, with the ability to prioritise tasks, allocate resources, and meet deadlines effectively
• Collaborative mindset with a demonstrated ability to build relationships, influence stakeholders and work effectively in a team-oriented environment