At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Risk Assurance Consultant Risk Assurance covers all risk services where EY is providing independent assurance and the preparation towards assurance to our clients where the assurance can be used by our clients to build confidence and trust with their customers, the general market/public, key stakeholders or when regulatory (by law or oversight) or contractually required. Engagements focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. Engagements may be either assurance (attestation) and/or risk advisory in nature, and vary considerably in size and complexity.
The Opportunity
All of our services whether assurance or advisory in nature are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance. In addition to assurance-related engagements such as financial attestation and SSAE 16 engagements, our IT risk advisory services focus on IT governance and effectiveness; IT program management and assurance; security and controls of ERP implementations; and business intelligence and information analysis. Your key responsibilities:
Execute and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues and share knowledge with team members. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business.
Skills and attributes for success:
• Experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within industry
• Experience in having applied relevant technical knowledge in at least one of the following engagements: (a) financial audit IT integrations; (b) IT internal audits; (c) IT attestations (SSAE 16/SOC 1 or SOC 2 engagements); and/or (d) ERP security and controls reviews (Oracle, SAP, PeopleSoft)
• Experience in performing on application and IT general controls on various applications, networks, operating systems (OS) and databases such as Windows 2000, 2003 and 2008, Microsoft SQL Server, Red Hat Linux, HP-UNIX, Oracle, SAP, Solaris and Mainframe
• Experience in security or infrastructure reviews for various OS and databases such as Windows 2000, 2003 and 2008, Microsoft SQL Server, Red Hat Linux, HP-UNIX, Oracle, SAP, Solaris and Mainframe
• Strong project management skills
• Advanced written and verbal communication skills and presentation skills
• CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT or certification is desired; non-certified hires are required to become certified within 1 year from the date of hire. Based on an individual's professional background, area of specialization, or industry focus, we recognize that other certifications, credentials, or experience may be more relevant than the listed certifications and therefore may be acceptable substitutes with written consent of EY's Americas IT Risk & Assurance leadership To qualify, you must have:
• A bachelor's degree and approximately 2-3 years of related work experience in IT audit or controls testing;
• A degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
• Detail-oriented and has proficient communication skills
• Preferably with experience on testing cyber-related controls (e.g., Penetration testing, Firewall, IPS/IDS, Anti-virus, etc.)
• Ability to critically review IT processes to identify controls gaps and weaknesses
• Ability to liaise with stakeholders and strong project management skills
• CISA holder is a plus, but not a necessity
• Must be amenable to work in McKinley Hill, Taguig City or Ortigas EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
