Technology Assurance - Non FS Technology Risk Senior Consultant (Cloud Controls)

Job description

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

EY- Technology Assurance– Senior

As part of our EY- Technology Assurance team you’ll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.

The opportunity

We’re looking for Senior to join the leadership group of our EY- Technology Assurance Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

Your key responsibilities are to

• Manage/execute risk-based audits.
• Manage and lead a team of staff on Cloud projects, ensuring adherence to project timelines and quality standards.
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress.
• Help prepare reports and schedules that will be delivered to clients and other parties.
• Develop and maintain productive working relationships with client personnel.
• Build strong internal relationships within EY Advisory Services and with other services across the organization.

Skills and attributes for success

• Knowledge and experience of the following areas, and be developing deep experience and technical competence in at least one:
• Assess risk associated with various cloud engagement models (laaS, PaaS, SaaS) and their implementation in the firm.
• Test controls over applications and system infrastructure, including those over data accuracy, completeness and processing, systems development, change management, logical access, data security and entitlements, production management and technology governance.
• Identify control gaps and open risks, raise insightful questions to identify root causes and business impact and draw the appropriate conclusions.
• Work in close collaboration with colleagues located in overseas offices to support application technology audits. The candidate is expected to have excellent communication skills and ability to work as part of virtual teams.
• Participate/ lead strategic initiatives and projects to enhance our cloud audit approach and coverage.
• IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines
• Experience in auditing IT General Controls, IT Application Controls, Systems & Organization Controls (SOC) Report, auditing automated business process controls, ISO27001 and related domains (Application, Operating System, Database and Network layers) specifically for cloud environment.
• Minimum three years of relevant experience in cloud consulting or cloud audit of Microsoft Azure or Amazon Web Services.
• Understanding and hands on experience in cloud technology focusing on cloud security, information protection and DevOps.
• Internal audit services with a specific focus on IT, and related industry standards
• Common IT governance, control, and assurance industry frameworks, including COSO, COBIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices.
• Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT
• Experience of security testing methods and techniques including network, operating and application system configuration review
• Experience in external client facing role.
• Experience in leading a team.
• Application controls and security experience
• Good to have – Experience in performing pre & post implementation reviews for Cloud environment.

To qualify for the role, you must have

• Graduate of Bachelor’s Degree in Computer Science, Information Technology, Engineering or equivalent courses with at least 3 years of experience in the field.
• Demonstrated expertise in security engineering with a focus on cloud technologies and SIEM platforms.
• Strong understanding of cloud networking concepts and familiarity with major cloud infrastructure providers (AWS, Azure, Google Cloud).

Ideally, you'll also have

• Robust understanding of program and project management practices
• Familiarity with a typical IT systems development life cycle
• Relevant certifications such as CISA, CISM, CISSP, or specific certifications related to cloud security and SIEM technologies (e.g., AWS Certified Security)

What we look for

• A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment.
• Opportunities to work with EY technology risk practices globally with leading businesses across a range of industries.

What working at EY offers

• At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are.
• You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career.
• The freedom and flexibility to handle your role in a way that’s right for you.

EY | Building a better working world