EY Senior or Manager – IT Cyber Security and Audit in QC, Canada
Title: Senior or Manager – IT Cyber Security and Audit
Job Number: MON001F7
EY’s people in more than 150 countries are committed to operating with integrity, quality and professionalism in the provision of audit, advisory, tax and transaction advisory services. We strive to help all of our people achieve their professional and personal goals through an inclusive environment that values everyone’s contributions, appreciates diversity of thought, fosters growth, and provides continuous opportunities for development. Recognized as one of Canada's top employers, EY continually strives to be a great place to work.
Within EY’s Advisory - Risk Assurance practice, we are currently seeking a Senior Staff or Manager to participate in client engagement teams, whereby he/she will be assessing, improving and evaluating our clients’ business and Information Technology (IT) processes and controls, predominantly in their IT environment. You will have the opportunity to bring your knowledge and expertise to our clients in the following key areas:
IT General Controls and Application Controls
Service Organisation Control reports
Compliance with various frameworks
Through assisting other Advisory sub-services such as Internal Audit, Performance Improvement and Cyber Security.
Providing high quality professional day-to-day management of internal/external audit engagements/projects by understanding EY’s practices and service offerings to identify potential opportunities to improve such service offerings.
Leading and supporting the on-site coordination during engagements by planning and briefing teams on the client's IT environment as well as industry IT trends, communicating with the clients and completing audit engagements.
Maintaining relationships with client management to manage expectations of service, including work products, timing, and the value to be delivered.
Preparing IT external audit reports on the adequacy and effectiveness of control structures, along with providing practical recommendations to improve the effectiveness, efficiency of a control or process.
Demonstrating the ability to discuss and resolve audit issues and recommendations with client management.
Demonstrating thorough understanding of complex information systems and applications to client situations.
Bilingualism: strong written and verbal communication skills in both French and English.
Bachelor's degree in engineering, computer science, information systems, business and/or other related major.
Experience in assessing, and implementing, security and risk standards using frameworks such as ISO 27k, PCI DSS, NIST, ITIL, COBIT.
Cyber security skills as it relates to performing assessments, designing architectures, relevant cyber management capabilities as well as in reporting the associated metrics.
Application control and security implementation experience.
Program and project delivery skills, including design, management and reporting.
Possession of, or be actively pursuing, information systems auditing certifications or accounting designations such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP), Chartered Professional Accountant (CPA), Certified Management Accountant (CMA), and Certified General Accountant (CGA).
3-5 years of experience in the field of IT auditing, IT Security, information technology operations or internal audit.
Experience with the following topics would be considered a strong asset:
Cyber Program Management
Cyber Threat Management
Identity and Access Management
Data Protection and Privacy
Data Analytics or Business Intelligence (design and/or execution)
SAP and/or Oracle
Availability to travel.
EY is committed to inclusiveness, equity and accessibility. We encourage all qualified candidates to apply.