EY New-TR-Manager 

Philippines, Taguig 

365231704

Technology Risk Manager

All our services whether assurance or advisory in nature are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance. In addition to assurance-related engagements such as financial attestation and Service Organization Controls (SOC) engagements, our consulting services focus on IT SOX, IT Internal Audits, Cloud and Emerging Technology audits, IT Asset Management and Risk Analytics.

• Provide high quality client service, working directly with onshore and/or client teams to understand and evaluate client’s IT environment and controls.
• Manage predominantly offshore engagements. Communication, written and verbal, with the onshore EY and/or client teams would be expected.
• Manage engagements throughout the engagement lifecycle from initiation, planning, execution and reporting to ensure that deliverables are provided as per the expected quality, compliant with the EY methodology and within timelines.
• Manage the engagement risks, issues/escalations and metrics.
• Review the work program, work papers and provide guidance in performing the test procedures.
• Set, coordinate and lead meetings for key engagement milestones and provide periodic status updates to onshore Engagement Management and/or client teams.
• Report control deficiencies identified and evaluate the overall impact.
• Identify opportunities for improvement/provide recommendations to mitigate the control deficiencies noted.

• Develop and maintain team, onshore and client relationships to manage expectations.
• Improve the GDS integration/penetration rate and hours on the current portfolio of accounts.
• Identify any new potential business opportunities on the accounts and introduce/endorse other TR and consulting solutions.
• Lead strategic initiatives that will drive growth, quality, technical capabilities and process improvements.

• Be the counselor for TR Seniors and/or Consultant and ensure alignment with the counselee’s professional/personal goals against the broader team and organization.
• Set goals, monitor the performance and provide guidance/direction to drive professional growth.
• On the engagements, coach/mentor newer/less experienced engagement team members.

• Facilitate virtual/classroom trainings to the broader TR teams.
• Comply with mandatory independence, risk management and training requirements.
• Lead internal committees and drive internal process improvements.

• At least seven (7) years’ experience, of which at least two (2) years should be in a Managerial role, related to audits/reviews of:
• IT General Controls across different platforms (Application, Operating System, Database) related to the following areas/domains:
• User Access Management
• Change Management
• Backup and Recovery Management
• Batch Job Management
• Problem/Incident Management
• System development/acquisition, migration and implementation.
• IT Application/Automated Controls related to various business processes such as Procure to Pay, Order to Cash, Inventory, Payroll, Treasury, Record to Report, etc.
• System-Generated Report/Information Produced by Entity (IPE) testing.
• IT SOX, IT Internal Audit, Service Organization Controls (SOC), Information Security review and/or Cloud Security review/testing.

• ERP/Application systems particularly SAP ECC/S4Hana and Oracle EBS/Fusion.
• Operating Systems (Windows Server, UNIX/Linux, OS/400, etc.)
• Databases (Microsoft SQL, Oracle SQL, DB2, SAP HANA, etc.)
• Cloud technologies (PaaS, SaaS, virtualization, etc.)
• Working experience/knowledge with leading industry standards and frameworks such as SSAE 16/ISAE 3402, ISO/IEC 27001, COBIT, ITIL, COSO etc.
• Strong communication, business development, correspondence, presentation/facilitation and coaching skills.
• Holding at least one of the following or other relevant/equivalent professional certifications: CISA, ISO27001 Auditor/Lead Auditor, CISM, CRISC.
• Excellent project management, leadership, teamwork, problem solving, innovation and client service skills.
• Excellent presentation, written and oral communication skills.
• With at least one of the following certifications–CISA, CISM, CRISC, CIA; non-certified hires are required to become certified within 1 year from the date of hire.

• Possess a bachelor's degree in Accounting, Computer Science, Information Systems, Engineering, or other related discipline.
• Have prior work experience as IT Audit Manager, IT Internal Audit Manager, IT Compliance Manager, IT Risk Manager, Information Risk Manager, Information Security Manager and other related roles.
• Must be amenable to work in McKinley Hill, Taguig City.
• be amenable to work long working hours, particularly during the busy season and when necessary.
• possess a valid passport.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.