Senior Consultant, IT Risk & Assurance (Glasgow or Edinburgh)
- Glasgow, Scotland, United Kingdom
- Permanent, Full time
- 18 Mar 19
Senior Consultant, IT Risk & Assurance (Glasgow or Edinburgh)
Technology is changing the way businesses are operating. New technologies provide businesses with the potential to deliver new services, operate in new markets, and to change the way they operate. Associated with these opportunities come risks. Our clients seek independent advice and assurance over diverse issues which include for example: the design and operation of their internal controls, the security of their business critical systems, the delivery of major IT enabled programmes, their relationships with third parties, and their management, stewardship and ability to exploit business critical data.
EY is recognised as a leading independent provider of risk advisory services, supporting organisations to manage their risks, exploit opportunities and operate effectively. IT Risk and Assurance (ITRA) sits within EY's Risk business and forms part of a broader Advisory Services practice.
In response to strong market demand, we are looking to recruit a Senior Consultant who can work directly with clients, to help them understand and address the risks associated with the technologies that support their business.
Your key responsibilities
Your primary responsibility will be to plan and deliver IT risk and control advisory engagements. Depending upon the size and complexity of the engagement, you may lead a small team or carry sole responsibility for technical delivery.
Examples of IT risk and control advisory engagements include:
- Assessing clients' IT environments and IT-related business processes that support the financial statements to determine the extent to which reliance can be placed on the internal control environment
- Identifying and remediating control and performance gaps compared to leading practice, helping clients gain stakeholder buy-in, reducing risk, and increasing value and visibility of IT cost
- Assisting organisations in the identification and management of information security risks by assessing the current state, prioritising improvements and conducting projects to reduce risk and improve regulatory compliance
Within the context of client engagements, specific responsibilities include:
- Planning, budgeting and delivering engagement for review by ITRA Managers or Senior Managers
- Gaining an understanding of the clients' IT applications and infrastructure to determine the effectiveness of the control environment through performing and reviewing process walkthroughs
- Reviewing detailed analysis of the control environment to gain assurance over effective operation of controls
- Identifying control weaknesses and any mitigating controls
- Reviewing working papers and supporting evidence in line with internal compliance requirements
- Effectively articulating control findings to key client stakeholders.
Skills and attributes for success
We are looking for individuals with the passion and commitment to eventually become a Partner in our business.
Applicants should have a proven track record of delivering either Assurance or Advisory services in a selection of the following areas:
· IT risk, control and audit skills: S4/HANA Finance, Oracle, Hyperion, Dynamics, mid-tier accounting packages
· IT risk, control and audit skills: Database systems including DB2, Sybase, RDS, OS/400, Oracle
· IT risk, control and audit skills: Operating systems including OS/400, Windows, Unix (flavours incl AIX, HPUX, Red Hat, Solaris)
· IT risk, control and audit skills: SOx404 process control mapping (for risks and controls), IT testing, IT test and exception handling documentation, IT risk and control improvement
· Core GAM competencies (including compulsory training and certification): audit planning, audit documentation (subject to FRC inspection), audit testing incl exception handling, use of GAM, use of Canvas, integration with Audit
· ITPRM skills: Process controls, ITGC controls, SOD controls, migration risks and controls, HYpercare controls, interface controls, IPE controls
· SOCR skills: ISAE3402 frameworks, SSAE16 frameworks, COSO, COBIT, sampling, control descriptions, testing, exception handling, reporting
· Ongoing interactions with CIO, CFO, GFC, CISO, Head of Change, Head of Risk, Head of Audit, Head of Digital
To qualify for the role you must have
· A successful track record in Internal and/or External IT Audit with experience gained through a 'Big 4' organisation
· You will have experience working in an IT risk and control environment
· You will be able to understand how to assess core IT-related controls
Ideally, you'll also have
· Ability to work in challenging, diverse, and evolving client environments with the utmost professionalism
· Flexibility and ability to learn quickly and leverage skills in new situations
· Ability to build strong client relationships
· Strong team working skills are essential
· Strong presentation and facilitation skills
· Excellent verbal and written communication skills
· A passion to contribute to the growth of the practice
What we look for
As an ambassador for the ITRA team, you will need to build a strong network internally and be able to exceed our clients' high expectations. We are seeking high performing individuals who have been recognised for exceeding expectations.
Core consulting skills - Advanced data and evidence management, client management on remediation programmes, driving innovation and continuous improvement
Technical skills - Strong technical insight, practical knowledge and capability in your specialist capability
Versatility - Proven ability to adapt and learn in an innovative environment
What working at EY offers
We offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
- Support and coaching from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.