EY Senior Associate Financial Accounting Advisory 

Singapore, Singapore 

245209084

The financial services industry is faced with unprecedented technology risks and challenges. The ability to identify and address these rapidly evolving technology risks is key to providing assurance to their stakeholders in support of their business performance and compliance to regulations. Our Regulatory services in Technology Risk & Compliance are designed to provide financial regulators and financial institutions with assurance over the design adequacy and operating effectiveness of their IT controls based on industry and regulatory requirements, such as those from NIST and the MAS.

As an Audit Senior Associate specialising in regulatory assurance services within Technology Risk Management, you will play a crucial role in assessing and ensuring compliance with regulatory requirements and best practices in information technology for financial institutions. You will collaborate with a diverse team of professionals to conduct audits, identify areas of risk, assess the technology risk maturity and the design and operating effectiveness of the controls to address relevant technology and cybersecurity risks, as well as provide recommendations for enhancing controls and processes. You will be leading industry and regulatory assessment services that will directly support C-suite discussions and important business decisions regarding compliance and quality of the organisation’s risk management programs.

This role helps you build deep and professional knowledge across the various sectors in Financial Services in the Banking and Capital Markets, Wealth and Asset Management and Insurance sector. You will also be part of the high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world.

Your Key responsibilities

• Conduct audits of technology risk management processes and controls for financial institutions, focusing on regulatory compliance and adherence to industry standards
• Assess the overall risk profile of the client, establish areas of assessment focus and thematic risks based on industry and regulatory requirements
• Evaluate the operating effectiveness of internal controls related to IT systems, cybersecurity, data privacy, and regulatory reporting based on regulatory, policy and other relevant stipulations
• Assess the adequacy of risk management frameworks and procedures in mitigating technology-related risks, including but not limited to operational, security and compliance risks
• Develop comprehensive reports detailing observations and recommendations. Support the communication of our perspective of identified observations and recommendations to the Board of Directors, Senior Management or other delegate management bodies of the client
• Collaborate with clients to understand their business objectives, risk appetite, and regulatory obligations, providing tailored solutions and guidance accordingly
• Mentor junior team members, providing guidance, training, and support to foster their professional growth and development
• Engage in continuous improvement initiatives to enhance audit processes and tools for increased efficiency and effectiveness

Expected Qualifications

• Bachelor Degree in Information Technology, Information Systems Management, Computer Engineering, Computer Science, Cybersecurity or similarly related discipline. Professional certification, such as CISA, CISSP, CISM, CIA, is preferred
• Minimum of 3 years of experience in internal or external audit, risk management, or compliance within the financial services industry, with a focus on IT / technology risk management/ cybersecurity. Candidates with no working experience in IT but demonstrate good knowledge and high motivation to learn about technology risks may be considered
• Strong understanding of technology risks faced by financial institutions, regulatory requirements and standards relevant to financial institutions, and internationally accepted IT or Cybersecurity standards and frameworks (e.g. NIST, COBIT, ITIL, ISO 2700x)
• Proficiency in assessing IT control, conducting risk assessments, and evaluating measures relating to cybersecurity and technology risk management
• Strong analytical, problem-solving and communication skills
• Proven ability to manage multiple priorities, work effectively under pressure, and meet tight deadlines
• Collaborative mindset with a demonstrated ability to build relationships and work effectively in a team-oriented environment.