As Technology Assurance Manager, you’ll be responsible for leading the engagement teams and contribute technically to Risk Assurance client engagements and internal projects within the company. The role involves assisting the Senior Managers & Directors while actively participating within the client engagement. In line with EY commitment to quality, you will manage risks associated with technology operations and to ensure compliance with regulatory requirements and industry best practices for your clients. As a member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Your key responsibilities are to
- Develop and maintain the technology assurance framework, including risk assessments, control implementation, and compliance monitoring.
- Lead the planning and execution of SOC audits, including the evaluation of system controls, security protocols, and IT governance practices.
- Lead the attestation audits including System and Organization Controls (SOC) 1, SOC 2, SOC 3, SOC for Cybersecurity and WebTrust for CAs, as well as HITRUST, SSPA, ISO, MRC and CSA STAR applying most areas of the governing standard as necessary.
- Participate in go to market, create proposals and respond to RFPs, client orals etc. Identify opportunities for cross-selling to current clients/introduce colleagues from other service lines.
- Jointly lead global account relationships along with onshore, manage engagement deliveries, quality and drive the growth agenda on accounts.
- Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
- Coordinate with internal and external stakeholders to ensure technology practices align with regulatory requirements and industry standards (e.g., ISO 27001, SOC 2, GDPR, HIPAA).
- Manage the engagement teams, providing guidance, training, and performance evaluations.
- Collaborate with IT and security teams to identify and mitigate technology risks, including cyber threats, data breaches, and system vulnerabilities.
- Develop and maintain productive working relationships with client and onshore stakeholders.
- Stay abreast of emerging technology trends, risks, and regulatory changes that may impact the organization.
- Contribute to people-related initiatives including recruiting and retaining Risk Assurance professionals.
- Foster a culture of continuous improvement and risk awareness across the organization.
Skills and attributes for success
- Lead team in performing SOC 1 and SOC 2 (System and Organization Controls) SSAE18 assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants).
- Identify opportunities and innovative ways to efficiently deliver on engagements and/or implement internal process improvements / automations.
- Effectively manage multiple assignments and teams across locations.
- Effectively manage engagement economics and operational aspects including resourcing and reporting.
- Inculcate a culture of “Quality First” in all Client interactions and assignments.
- Contribute to the Knowledge Management agenda of the practice by leading team members in technical knowledge content development and trainings.
- Work effectively as a team player - collaborate and share responsibility and support team members to succeed.
- Maintain an educational program to continually develop personal skills of self and junior team members.
To qualify for the role, you must have
- Bachelor’s degree in information technology, Computer Science, Information Systems, (Any B.E/B.Tech course with IT subjects, BCA/MCA, B.Sc.-IT/M.Sc.-IT), MBA in any domain, CA/ACCA.
- Minimum of 7 years of experience in IT audit, Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting, IT General Controls and IT Automated Controls
- Professional certifications such as CISA, CISSP, CRISC, or CISM are highly desirable.
- Strong understanding of IT and security frameworks, standards, and best practices
- Knowledge of PCAOB Auditing standards and AICPA requirements.
- Excellent analytical, problem-solving, and decision-making skills.
- Experience in proposal development for a client.
- Proven ability to lead and motivate a team in a dynamic and challenging environment.
- Exceptional communication and interpersonal skills, with the ability to interact effectively with all levels of the organization.
- Knowledge of documentation and data analysis tools like Word, Excel, Access,
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.