EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you will have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. We’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.
Opportunity
The objective of our Consulting Risk services is to provide clients with a candid and reliable overview of their risk landscape. Our solutions can be used by clients to build confidence and trust with their customers, the overall market and when required by regulation or contract. For our Cloud Risk services, our teams look to establish a fit‑for‑purpose and proactive cloud risk framework and oversight capability to ensure consistency, transparency, and sustainability of public cloud use across the lines of defense.
Your Key Responsibilities
You will be responsible for managing multiple client engagement teams at an executive level within the practice and the firm. You can expect to work with high‑level client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and will assist clients and other Risk Assurance professionals in performing information technology control and security engagements.
Skills and Attributes for Success
- Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement.
- Brief the engagement team on the client’s IT environment and industry IT trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations.
- Bring and utilize extensive knowledge of the client’s business/industry to identify technological developments and evaluate impacts on the client’s business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services.
- Understand EY and its service lines and actively assess what the firm can deliver to serve clients.
- Partner with clients on the development and deployment of cloud risk governance frameworks, ensuring alignment with organizational goals and adherence to regulatory standards.
- Lead risk discussions on cloud transformation including migration from on‑prem.
- Coordinate with technical EY groups on cloud risk monitoring initiatives that employ advanced tools to proactively identify and mitigate risks across various cloud service models and deployments.
- Design robust cloud control mechanisms and, on engagements where independent, evaluate effectiveness in mitigating risks and maintaining compliance.
To qualify for the role you must have
- A bachelor's or master's degree
- A minimum of 5 years of experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within industry
- Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) financial statement audits; (b) internal or operational audits; (c) Service Organization Controls Reporting engagements; (d) ERP security and control reviews (Oracle, SAP, PeopleSoft); and/or (e) cloud risk engagements (Azure, AWS, GCP)
- We would expect you to be available to travel outside of their assigned office location at least 50% of the time, plus commute within the region (where public transportation often is not available). Successful candidates must work in excess of standard hours when necessary. A valid passport is required.
Ideally, you’ll also have
- A bachelor's or master's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
- CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT certification is desired; if you are non-certified, you are required to become certified within 1 year from your date of hire.
- Additional cloud-based certifications to credentialize but do not currently meet the rigor of the certification requirement above:
- CCSP – Certified Cloud Security Professional
- CCSK – Certificate of Cloud Security Knowledge
- CCAK – Certificate of Cloud Auditing Knowledge
- Microsoft Certified: Azure Fundamentals
- AWS Certified Cloud Practitioner
What We Offer
We offer a comprehensive compensation and benefits package where you will be rewarded based