IT Risk & Assurance Manager
EY - Nigeria
About this job
Job description
Job purpose
As IT Risk and Assurance Manager, you'll actively establish, maintain and strengthen internal and external relationships. With the guidance of partners, directors and senior managers, you'll identify potential business opportunities for Ernst & Young. Drawing on your knowledge and experience, you'll provide innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs and contribute to thought leadership.
You'll actively contribute to improving operational efficiency on projects and internal initiatives. In line with our commitment to quality, you'll consistently drive projects to completion and confirm that work is of high quality. Your role in leading teams - or parts of teams - on engagements will depend on the size of engagement. When working on engagements, you'll report to higher levels of management, who will expect you to anticipate and identify risks, and raise any issues with them as appropriate.
As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Client responsibilities
As IT Risk and Assurance Manager, you'll actively establish, maintain and strengthen internal and external relationships. With the guidance of partners, directors and senior managers, you'll identify potential business opportunities for Ernst & Young. Drawing on your knowledge and experience, you'll provide innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs and contribute to thought leadership.
You'll actively contribute to improving operational efficiency on projects and internal initiatives. In line with our commitment to quality, you'll consistently drive projects to completion and confirm that work is of high quality. Your role in leading teams - or parts of teams - on engagements will depend on the size of engagement. When working on engagements, you'll report to higher levels of management, who will expect you to anticipate and identify risks, and raise any issues with them as appropriate.
As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Client responsibilities
· Participate in IT
Risk and Assurance engagements
· Help manage the
financial aspects of engagements by organizing staffing, tracking fees and
communicating issues to project leaders
· Participate in
business development initiatives
· Build strong internal
relationships within Ernst & Young Advisory Services and with other
services across the organization
People responsibilities
People responsibilities
· Develop people
through effectively supervising, coaching, and mentoring staff
· Conduct
performance reviews and contribute to performance feedback for staff
· Contribute to
people-related initiatives including recruiting, retaining and training IT Risk
and Assurance professionals
· Maintain an
educational program to continually develop personal skills of all staff
· Understand and
follow workplace policies and procedures
Qualification
Technical skills requirements
You'll have knowledge and experience of a number of the following areas, and be developing deep experience and technical competence in at least one:
Qualification
Technical skills requirements
You'll have knowledge and experience of a number of the following areas, and be developing deep experience and technical competence in at least one:
· Governance and IT
management
· IT governance and
risk:
· Control frameworks
such as COSO
· Enterprise risk
services with a specific focus on IT, and related industry standards
· IT risk management
framework
· Common IT
governance and control industry frameworks, including CObIT, RiskIT, ValIT, IT
· Governance
Institute and ISACA good practices
· IT industry
frameworks such as ITIL and CMM
· Project risk:
· Robust
understanding of program and project management practices
· Familiarity with a
typical IT systems development life cycle
· Experience in
developing technical skills specific to a solution, e.g., SAP, Oracle, CRM
· Proven business
process/analysis skills
· IT assurance and
compliance
· A broad
appreciation of business processes, data structures, IT applications and
infrastructure, IT processes, and governance and internal control principles.
· Depending upon
your specific area(s) of focus, you'll have additional skills and knowledge in:
· IT audit in the
context of a financial audit, and related regulations, auditing standards and
guidelines
· Control frameworks
such as COSO, internal control principles and related regulations including SOX
and J-SOX
· Internal audit
services with a specific focus on IT, and related industry standards
· Common IT
governance, control and assurance industry frameworks, including CObIT, RiskIT,
ValIT, IT Governance Institute and ISACA good practices
· IT industry
frameworks such as ITIL and CMM
· Third party
reporting standards (particularly SAS 70), other reporting and industry
specific standards and, if applicable, trust based standards such as SysTrust
and WebTrust
· Infrastructure
· Technically
enabled IT /business transformation, program and project delivery, design,
architecture and solution design, information management, implementation,
operations, and management of IT infrastructure
· Information
systems security assessment, design, architecture, implementation
· management and
reporting
· Strong technical
or security skills related to a broad range of operating systems, databases or
security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS
systems
· Familiarity with
IT analysis, delivery and operations methods, including SDLC and CMM
· Experience with
programming languages such as Java, C, C++, C#, asp, and .NET
· Familiarity with
security and risk standards such as ISO 2701-2, PCI DSS, NIST, ITIL, COBIT
· Experience of
security testing methods and techniques including network, operating and
application system configuration review and internal/external penetration
testing
· An understanding
of web-based application vulnerabilities, and experience in application
security review and testing
· Experience of
manual attack and penetration testing above and beyond the running of automated
tools
· Experience in
developing custom scripts or programs (used for port scanning and vulnerability
identification)
· Applications
· Application
controls and security experiences involving ERPs:
· security modeling
· sensitive access
and SoD testing
· controls testing
· Process systems
and integrity, including risks and controls within business processes (manual,
automated, security)
· Change management
· Project management
and program management office (PMO) experience involving ERPs
· Project
assurance/advisory services experience involving ERPs:
· system selections
· targeted
assessments
· pre- and
post-implementation reviews
· Basic programming
compliant with ACL, DB and Microsoft Office skills/experience, e.g., Excel and
Access
· Data
· Data/information
management and manipulation
· Information
architecture and integration design
· Information
analysis and business intelligence tools
· ETL tool usage,
design and deployment
· Database
(relational and multidimensional) design, deployment and scripting
· Data governance
and data quality design, deployment and tools
You'll have knowledge and experience in one or more of Ernst & Young's priority industry sectors:
You'll have knowledge and experience in one or more of Ernst & Young's priority industry sectors:
· Government &
Public Sector
· Utilities
· Consumer Products
· Industrial
Products
· Technology
· Communications
& Entertainment
· Healthcare
Additional requirements
Additional requirements
· Demonstrated track
record with a blue chip consulting organization and/or a blue chip organization
· Strong academic
record including a degree
Why should I work for Ernst & Young in Information Technology Risk and Assurance?
Information technology is one of the key enablers for modern organizations. As one of our information technology risk and assurance professionals, you'll work with clients to improve the competitive advantage of their IT operations by enhancing efficiency and effectiveness. You'll help them create and implement processes to identify risks associated with running their systems and find ways to manage those risks. You can expect to work on some of the biggest external and internal audit engagements in the world and we'll give you the opportunities and support you need to succeed professionally and personally.
Why should I work for Ernst & Young in Information Technology Risk and Assurance?
Information technology is one of the key enablers for modern organizations. As one of our information technology risk and assurance professionals, you'll work with clients to improve the competitive advantage of their IT operations by enhancing efficiency and effectiveness. You'll help them create and implement processes to identify risks associated with running their systems and find ways to manage those risks. You can expect to work on some of the biggest external and internal audit engagements in the world and we'll give you the opportunities and support you need to succeed professionally and personally.
About this company
EY is a global leader in assurance,
tax, transaction and advisory services. The insights and quality services we
deliver help build trust and confidence in the capital markets and in economies
the world over. We develop outstanding leaders who team to deliver on our
promises to all of our stakeholders. In so doing, we play a critical role in
building a better working world for our people, for our clients and for our
communities.
Our collaborative culture supports the personal and professional success of each individual. Learn more about who we are, what we do and how to achieve your potential by visiting: http://www.ey.com/about
Our collaborative culture supports the personal and professional success of each individual. Learn more about who we are, what we do and how to achieve your potential by visiting: http://www.ey.com/about
No comments:
Post a Comment