EY Information Security Compliance Manager 

Poland, Lower Silesian Voivodeship 

141465464

Information Security Compliance Manager

As an Information Security Compliance Manager, you will be the linchpin in our defense, orchestrating IT-related audit procedures with precision and insight. This role is a blend of strategy and execution, requiring a deep understanding of IT General Controls and Software Development Lifecyle controls. Your mission is to help identify compliance risks, assist in controls testing and advise on remediation activities. You will be the trusted advisor coordinating audits with both internal and external groups and providing valuable evaluations and advice to our global leadership.

Your key responsibilities

• Champion the Technology function leaders in all aspects related to ITGC and SDLC controls, becoming the go-to expert and support system.
• Evaluate and refine the current ITGCs and SDLC controls, ensuring continuous improvement and relevance.
• Take the lead in risk identification, control design and implementation, and the creation of essential documentation.
• Drive the annual risk assessment process, ensuring control owner certifications and function leader attestations are completed with integrity.
• Coordinate the annual Internal Audit testing of IT general controls and the System Development Life Cycle (SDLC) controls, supporting control owners, operators as well as the auditors enabling an efficient audit process.
• Actively support the remediation of control gaps and the execution of quality improvement plans, ensuring the highest standards are met.
• Provide your expertise in technology risks and controls to various technology leaders, business function leaders, and team members, fostering a culture of knowledge sharing.
• Offer assistance to global, area, and service line teams, particularly on Technology-related topics, becoming a valuable resource across the organization.
• Maintain an up-to-date understanding of the current security threat landscape and information security frameworks such as ISO27001, SOC 1, and SOC 2, ensuring our defenses are always ahead of the curve.

To qualify for the role, you must have

• A minimum of 5 years of work experience applying relevant IT audit skills in audit engagements.
• Strong English language proficiency – both written and verbal communication skills are essential.
• Excellent time management, interpersonal, communication, organizational, and decision-making skills.

A solid background in Financial Audit IT (FAIT) engagements, with in-depth knowledge in areas such as:

• IT Audit Methodology and IT General Controls.
• System Development Life Cycle.
• Interfaces and key reports testing.

• Proficiency in MS Office suite (Word, Excel, PowerPoint).
• A collaborative spirit to work effectively with teams to facilitate, schedule, and coordinate required audit activities.
• CISA, CIA, CISSP, or CISM certification is a plus and will set you apart.

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across ten locations – Argentina, China, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you : We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership : We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.