Job summary

IT Risk & Assurance services, are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance. In addition to assurance-related engagements such as financial  attestation and ISAE 3402 engagements, our IT risk advisory services focus on IT governance and effectiveness; IT  program management and assurance; security and controls of Enterprise Resource Planning (ERP) implementations; and  business intelligence and information analysis. We are currently offering positions in the following areas:

• Application Risk & Controls practice
• Information Management and Analysis Services practice

Responsibilities, Qualifications, Certifications - External

In your role as a Risk Assurance Associate you’ll:

• Effectively manage and motivate client engagement teams with diverse skills and backgrounds.
• Consistently deliver quality client services and manage expectations of client service delivery.
• Drive high-quality work products within expected timeframes and on budget.
• Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
• Stay abreast of current business and industry trends relevant to the client's business.
• Develop and maintain long-term relationships and networks with clients and internal EY stakeholders - Demonstrate deep technical capabilities and professional knowledge.
• Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge. - Remain current on new developments in advisory services capabilities and industry knowledge

Requirements:

• A recognized university degree in accounting, business, information technology, engineering, mathematics or other relevant discipline
• At least 12 years of relevant consulting or industry experience, preferably in a professional services environment Big 4.
• Candidates who possess professional certifications such as, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and / or Certified Fraud Examiner (CFE) are highly encouraged to apply.
• Proficiency with Microsoft Excel, Access, Word, and PowerPoint
• Strong analytical, interpersonal, communication, writing and presentation skills
• Demonstrates integrity, values, principles, and work ethic
• Willingness to travel on overseas assignment as the need arises

In addition, candidates should have experience in at least one of these specific areas below:

1. Application Risk & Controls

This practice focuses on enterprise IT application assessment, Governance, Risk and Compliance (GRC) technology assessment, IT Application and Tool Implementation. We deliver valuable insights and enable better business decisions through improved quality of information.

To qualify, candidates should have: 

• Working experience on at least two (2) full cycles of access control framework definition, security role design, remediation and implementation for ERP solutions such as SAP and Oracle. 
• Working experience in performing business process controls review, access controls review (e.g., segregation of duties) and project risk assessments in an ERP environment.  Having experience in continuous controls monitoring and controls optimization type of work would be an advantage.
• In-depth knowledge on key risks and expected controls (including compensating controls) in one or more business processes (e.g., procure to pay, and financial statement close)
• Understanding of and/or implementation experience with a variety of GRC tools (e.g., SAP GRC and Oracle ICM)

2. Information Management and Analysis Services

This practice focuses on analytics delivery, analytics enablement, data quality and governance, and data management.  We deliver valuable insights and enable better business decisions through effective collection, storage, analysis and management of quality of information.

To qualify, candidates should have: 

• Working experience in one or more of the following domains: data / statistical analysis, data management, data quality assessment and profiling, data governance, data warehouse / Cubes development, business intelligence, data mining, data conversion, continuous auditing / monitoring, data modeling, and/or ETL development
• Competency with one or more of the following tools would be an added advantage: SQL, R, ACL, IDEA, SAS, SPSS, Business Objects, Congos, Tableau, Spotfire or other OLAP / analysis tools
• In-depth knowledge with analytics implementation / development in one or more domains / industries (e.g., procurement,HR, banking and / or government) would be useful
• Strong analytical and problem-solving skills, and ability to work with incomplete or imperfect data.
• Ability to identify and visualize relationships within large, not obviously related data sets.
• Familiarity with linear algebra and matrix algorithms is a plus. Ability to build and interpret probabilistic models of complex, high-dimensional systems is a plus.