EY FS-TR-ITC-Manager 

India, West Bengal, Kolkata 

969095505

As a TR-ITC manager, you’ll contribute technically to Risk Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with stakeholders as required.

Your key responsibilities

• Participate in IT Risk and Assurance engagements.
• Proficiency in using audit software tools, data analytics techniques, and IT auditing techniques. Strong analytical skills are necessary for interpreting technical data, identifying patterns, anomalies, and areas of concern.
• Understanding of regulatory requirements and industry standards related to IT governance, data protection, privacy, and cybersecurity. This includes regulations such as GDPR, HIPAA, PCI-DSS, and industry frameworks like COBIT and NIST Cybersecurity Framework.
• Knowledge of IT governance principles, structures, and processes to ensure that IT activities align with business objectives, comply with regulations, and mitigate risks appropriately.
• Proficiency in identifying, assessing, and managing IT-related risks to ensure that adequate controls are in place to mitigate potential threats to the organization's information assets, systems, and operations.
• Familiarity with IT auditing principles, techniques, and tools to assess the effectiveness of IT controls, identify control deficiencies, and recommend remediation actions.
• Proficiency in understanding IT systems, networks, applications, and infrastructure to design and implement controls effectively. This includes knowledge of common technology platforms, such as operating systems, databases, cloud services, and cybersecurity tools.
• Strong project management skills are necessary for planning, coordinating, and executing internal control initiatives effectively. This includes managing resources, timelines, budgets, and deliverables to ensure that control objectives are achieved in a timely and efficient manner.
• The ability to lead and mentor a team of IT control professionals, providing guidance, support, and development opportunities. Strong leadership qualities include decision-making, delegation, conflict resolution, and fostering a collaborative work environment.
• Building and maintaining effective relationships with key stakeholders, including senior management, IT leadership, internal auditors, external auditors, and regulatory authorities. This involves understanding stakeholder expectations, managing communications, and addressing concerns in a collaborative and constructive manner.
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress

Skills and attributes for success

• Experience in application controls and Information security experience.
• Ability to build relationships with key stakeholders across different levels of seniority.
• Strong written and verbal communication skills
• Conduct performance reviews and contribute to performance feedback for the team.

To qualify for the role, you must have

• Preferably Bachelor’s degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA
• Minimum of 7-8 years of experience in internal controls and Internal Audit
• Enterprise risk services with specific focus on IT and related industry standards
• IT Risk Assurance framework
• Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX
• Preferred security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems
• Familiarity with IT analysis, delivery and operations methods, including ITGC, ITAC,SDLC, PAM and CM
• Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT
• Experience of security testing methods and techniques including network, operating and application system configuration review
• Application controls and security experience:
  • sensitive access and SOD testing
  • controls testing
  • Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc.
• Preferred Certifications: CISA

What we look for

We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.