This job posting isn't available in all website languages
DUR0006G Requisition #
Thanks for your interest in the IT Audit Associate position. Unfortunately, the link which you have accessed is no longer active. Please CLICK HERE to return to the EY Global careers site and use keywords to search for this job as it still might be active, or you can also review our similar listings and apply.

Job summary
Our IT Risk & Assurance services, are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance. In addition to assurance-related engagements such as financial  attestation and ISAE 3402 engagements, our IT risk advisory services focus on IT governance and effectiveness; IT  program management and assurance; security and controls of Enterprise Resource Planning (ERP) implementations; and  business intelligence and information analysis. We are currently offering positions in the following areas:
  • Application Risk & Controls practice
  • Information Management and Analysis Services practice
  • Financial Services Technology Risk and IT Regulatory Services
Responsibilities, Qualifications, Certifications - External
In your role as a Risk Assurance Associate you’ll:
  • Effectively manage and motivate client engagement teams with diverse skills and backgrounds.
  • Consistently deliver quality client services and manage expectations of client service delivery.
  • Drive high-quality work products within expected timeframes and on budget.
  • Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
  • Stay abreast of current business and industry trends relevant to the client's business.
  • Develop and maintain long-term relationships and networks with clients and internal EY stakeholders - Demonstrate deep technical capabilities and professional knowledge.
  • Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge. - Remain current on new developments in advisory services capabilities and industry knowledge
  • A recognized university degree in accounting, business, information technology, engineering, mathematics or other relevant discipline
  • At least 2 years of relevant consulting or industry experience, preferably in a professional services environment or MNC.
  • Candidates who possess professional certifications such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and / or  Certified Fraud Examiner (CFE) are highly encouraged to apply.
  • Proficiency with Microsoft Excel, Access, Word, and PowerPoint
  • Strong analytical, interpersonal, communication, writing and presentation skills
  • Demonstrates integrity, values, principles, and work ethic
  • Willingness to travel on overseas assignment as the need arises
In addition, candidates should have experience in at least one of these specific areas below:
1. Application Risk & Controls
This practice focuses on enterprise IT application assessment, Governance, Risk and Compliance (GRC) technology assessment, IT Application and Tool Implementation. We deliver valuable insights and enable better business decisions through improved quality of information.
To qualify, candidates should have: 
  • Working experience on at least two (2) full cycles of access control framework definition, security role design, remediation and implementation for ERP solutions such as SAP and Oracle. 
  • Working experience in performing business process controls review, access controls review (e.g., segregation of duties)  and project risk assessments in an ERP environment.  Having experience in continuous controls monitoring and controls  optimization type of work would be an advantage.
  • In-depth knowledge on key risks and expected controls (including compensating controls) in one or more business processes (e.g., procure to pay, and financial statement close)
  • Understanding of and/or implementation experience with a variety of GRC tools (e.g., SAP GRC and Oracle ICM)
2. Information Management and Analysis Services
This practice focuses on analytics delivery, analytics enablement, data quality and governance, and data management.  We deliver valuable insights and enable better business decisions through effective collection, storage, analysis and  management of quality of information.
To qualify, candidates should have: 
  • Working experience in one or more of the following domains: data / statistical analysis, data management, data quality assessment and profiling, data governance, data warehouse / Cubes development, business intelligence, data mining,  data conversion, continuous auditing / monitoring, data modeling, and/or ETL development
  • Competency with one or more of the following tools would be an added advantage: SQL, R, ACL, IDEA, SAS, SPSS, Business Objects, Congos, Tableau, Spotfire or other OLAP / analysis tools
  • In-depth knowledge with analytics implementation / development in one or more domains / industries (e.g., procurement,
  • HR, banking and / or government) would be useful
  • Strong analytical and problem-solving skills, and ability to work with incomplete or imperfect data.
  • Ability to identify and visualize relationships within large, not obviously related data sets.
  • Familiarity with linear algebra and matrix algorithms is a plus. Ability to build and interpret probabilistic models of complex, high-dimensional systems is a plus.
3. Financial Services Technology Risk and IT Regulatory Services
This practice focuses on operational, management and governance aspects of technology risk and providing end-to-end  IT regulatory advisory services. This requires relevant industry understanding and prior experience in handling or with  regulators would be beneficial.
To qualify, candidates should have: 
  • Strong understanding of industry operational and technology risk management processes and underlying  technology controls
  • Experience in engaging and managing a variety of stakeholders with an ability to consult and develop remediation options, risk mitigation solutions
  • Understanding of regulatory reporting requirements and underlying technology requirements
  • Practical experience and understanding of technology and business processes in providing related risk assurance and advisory considerations
Who we are  
Information technology is one of the key enablers for modern organizations. As one of our information technology risk and assurance professionals, you'll work with clients to improve the competitive advantage of their IT operations by enhancing efficiency and effectiveness. You'll help them create and implement processes to identify risks associated with running their systems and find ways to manage those risks. You can expect to work on some of the biggest external and internal audit engagements in the world and we'll give you the opportunities and support you need to succeed professionally and personally. 

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

EY Careers site

Visit the EY Careers site to explore our culture, hear from our people and learn why an EY career is so valuable.