Technology Assurance - Non FS Technology Risk Senior Consultant (Cloud Controls)

at  EY

JOB DESCRIPTION

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

THE OPPORTUNITY

We’re looking for Senior to join the leadership group of our EY- Technology Assurance Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

SKILLS AND ATTRIBUTES FOR SUCCESS

• Knowledge and experience of the following areas, and be developing deep experience and technical competence in at least one:
• Assess risk associated with various cloud engagement models (laaS, PaaS, SaaS) and their implementation in the firm.
• Test controls over applications and system infrastructure, including those over data accuracy, completeness and processing, systems development, change management, logical access, data security and entitlements, production management and technology governance.
• Identify control gaps and open risks, raise insightful questions to identify root causes and business impact and draw the appropriate conclusions.
• Work in close collaboration with colleagues located in overseas offices to support application technology audits. The candidate is expected to have excellent communication skills and ability to work as part of virtual teams.
• Participate/ lead strategic initiatives and projects to enhance our cloud audit approach and coverage.
• IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines
• Experience in auditing IT General Controls, IT Application Controls, Systems & Organization Controls (SOC) Report, auditing automated business process controls, ISO27001 and related domains (Application, Operating System, Database and Network layers) specifically for cloud environment.
• Minimum three years of relevant experience in cloud consulting or cloud audit of Microsoft Azure or Amazon Web Services.
• Understanding and hands on experience in cloud technology focusing on cloud security, information protection and DevOps.
• Internal audit services with a specific focus on IT, and related industry standards
• Common IT governance, control, and assurance industry frameworks, including COSO, COBIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices.
• Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT
• Experience of security testing methods and techniques including network, operating and application system configuration review
• Experience in external client facing role.
• Experience in leading a team.
• Application controls and security experience
• Good to have – Experience in performing pre & post implementation reviews for Cloud environment.

YOUR KEY RESPONSIBILITIES ARE TO

• Manage/execute risk-based audits.
• Manage and lead a team of staff on Cloud projects, ensuring adherence to project timelines and quality standards.
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress.
• Help prepare reports and schedules that will be delivered to clients and other parties.
• Develop and maintain productive working relationships with client personnel.
• Build strong internal relationships within EY Advisory Services and with other services across the organization.

TO QUALIFY FOR THE ROLE, YOU MUST HAVE

• Graduate of Bachelor’s Degree in Computer Science, Information Technology, Engineering or equivalent courses with at least 3 years of experience in the field.
• Demonstrated expertise in security engineering with a focus on cloud technologies and SIEM platforms.
• Strong understanding of cloud networking concepts and familiarity with major cloud infrastructure providers (AWS, Azure, Google Cloud).