Within EY's IT Risk & Assurance practice, the Manager supervises multiple client engagement teams and other related activities. Engagements focus on the assessment and/or evaluation of Information Technology (IT) systems and the mitigation of IT-related business risks. Engagements may be either assurance (attestation) and/or risk advisory in nature, and vary considerably in size and complexity. All of our IT Risk & Assurance services whether assurance or advisory in nature, are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance.
In addition to assurance-related engagements such as financial attestation and SSAE 16 engagements, our IT risk advisory services focus on IT governance and effectiveness; IT program management and assurance; security and controls of Enterprise Resource Planning (ERP) implementations; and business intelligence and information analysis.
Your role as a Manager will require you to lead teams or parts of teams on engagements of different sizes and will be under the guidance of higher levels. They will look to you to anticipate and identify risks, and raise any issues with them as appropriate. As an influential member of the team, you will help to create a positive learning culture and will coach and counsel junior team members to assist in their professional development. You will lead by example and act as a role model for our people in the way that you live our values.
Lead and deliver ITRA engagements
Assist in managing financial aspects of engagements by organizing staffing, tracking fees and communicating issues to project leaders.
Participate in business development initiatives
Build strong internal relationships within Advisory and across other services.
Develop people through effectively supervising, coaching, and mentoring staff
Conduct performance reviews and contribute to performance feedback for staff
Contribute to people initiatives including recruiting, retaining and training ITRA professionals
Technical skills requirements
You need to be able to demonstrate project experience and client knowledge gained from professional practice across majority of the areas below:
Security strategy and transformation / business change / programme management / target operating modelling
Security assessments, e.g. ISO27001
Identity and Access Management
IT Risk Assessments
IT External/Internal Audits
Third Party Validation
IT Governance Implementation and Review
IT Security Reviews
Awareness of National and International security standards
Team Leadership / Management experience
To qualify, candidates must have:
A bachelor's degree and approximately 5 years of related work experience
A degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
Significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) IT internal or operational audits; (b) SSAE16 Attest engagements; and/or (d) ERP security and control reviews (Oracle, SAP, PeopleSoft)
Project management skills
Strong written and verbal communication skills and presentation skills
Leadership, teamwork and client service skills
Demonstrated integrity within a professional environment
Successful candidates must be available to travel outside of their assigned office location at least 50% of the time, plus commute within the region (where public transportation often is not available). Successful candidates must work in excess of standard hours when necessary. A valid passport is required
CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certification is desired; non-certified hires are required to become certified to be eligible for further promotions and increments
Previous Big 4 experience preferred
Building a better working world