Job Description
As a key member of our EY Technology Risk team, you will technically contribute to IT Risk and Assurance client engagements and internal projects. A crucial aspect of your role includes actively developing and maintaining both internal and external relationships. You will have the opportunity to identify potential business opportunities within existing engagements and escalate these appropriately. Moreover, you'll be responsible for anticipating and identifying risks within engagements and communicating any issues to senior members of the team.
Your Key Responsibilities
- Engage in IT Risk and Assurance engagements with a focus on MS D365 technologies.
- Collaborate effectively as a team member, sharing responsibilities, providing support, maintaining communication, and updating senior team members on progress.
- Assist in the preparation of audit reports for clients and other stakeholders.
- Develop and maintain productive relationships with onshore teams and client personnel.
- Conduct identification and testing of IT security and IT risk (e.g., data systems, network, and applications) within MS D365 environments.
- Contribute to practice-wide training initiatives focused on MS D365 IT General Controls (ITGC), Security, and Pre & Post Implementation reviews.
- Work closely with onshore, cross-functional teams to develop strong project senior relationships across the organization.
- Stay updated with the latest MS D365 ERP versions and functionalities, promoting industry best practices.
- Actively participate in project management and stakeholder management, including planning and budget preparation.
Skills and Attributes for Success
- Experience in reviewing and testing IT general controls (ITGC) withinMicrosoft Dynamics AX andMicrosoft D365 environments, specifically focusing on access management, change management, computer operations, SOD and SDLC.
- Proficiency in reviewing and testingMicrosoft Dynamics AX andMicrosoft D365 security configurations.
- Ability to perform pre & post-implementation reviews inMicrosoft Dynamics AX andMicrosoft D365 environments, including migration testing (preferably from Microsoft Dynamics to Microsoft D365).
- Familiarity with data extraction methods and user access security architecture.
- Experience with integration capabilities and testing of interface controls between systems.
- Experience in reviewing and testing the key business process configurations (ITAC’s)
- Knowledge of auditing methodologies, financial audit IT audits, related regulations, auditing standards, and guidelines.
- Experience in performing the walkthrough (Test of design) directly with the client, Operating Effectiveness and have knowledge of the financial statement’s assertions.
- Understanding of control frameworks (e.g., COSO) and common IT governance, control, and assurance industry frameworks (e.g., COBIT, ISACA).
- Experience in reviewing and testing the key reports ensuring the risks (completeness & accuracy) related to IPE’s (Information Produced by Entity) are addressed.
- Experience in testing of interface controls between multiple systems and middleware controls.
- Experience in IT audit in the context of a financial audit & related regulations, auditing standards and guidelines.
- Awareness of third-party attestation standards and other reporting and industry-specific standards.
Qualifications
- B.E/B.Tech in CS/IT or MBA (preferably in Information Systems) or CA with at least 3 years of experience.
- MS D365 functional modules certification (Preferred).
- CISA certification (Preferred).
- ISO 27001:2013 certification (Preferred).
- Any other relevant IT audit or security certification (Preferred).
What We Look For
- A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment.
- Opportunities to work with EY technology risk practices globally with leading businesses across a range of industries.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.