EY Senior Consultant, IT Risk & Assurance, Birmingham in Birmingham, United Kingdom

Senior Consultant, IT Risk & Assurance, Birmingham


Requisition # BIR001SJ

Post Date Aug 18, 2018

Technology is changing the way businesses are operating. New technologies provide businesses with the potential to deliver new services, operate in new markets and to change the way they operate. Associated with these opportunities come risks, our clients seek independent advice and assurance over diverse issues which include for example: the design and operation of their internal controls, the security of their business critical systems, the delivery of major IT enabled programmes, their relationships with third parties, and their management, stewardship and ability to exploit business critical data.

The opportunity

EY is recognised as a leading independent provider of risk advisory services, supporting organisations manage their risks, exploit opportunities and operate effectively. IT Risk and Assurance (ITRA) sits within EY’s Risk business and forms part of a broader Advisory Services practice.

In response to strong market demand, we are looking to recruit a Senior Consultant who can work directly with clients, to help them understand and address the risks associated with the technologies that support their business.


The primary responsibility of ITRA Senior Consultants is to plan and deliver IT risk and control advisory engagements. Depending upon the size and complexity of the engagement, candidates may lead a small team or carry sole responsibility for technical delivery. Examples of IT risk and control advisory engagements include:

  • Assessing clients' IT environments and IT-related business processes that support the financial statements to determine the extent to which reliance can be placed on the internal control environment

  • Identifying and remediating control and performance gaps compared to leading practice, helping clients gain stakeholder buy-in, reduce risk, and increase value and visibility of IT cost

  • Assisting organisations in the identification and management of information security risks by assessing the current state, prioritising improvements and conducting projects to reduce risk and improve regulatory complianceWithin the context of client engagements, specific responsibilities include:

  • Planning, budgeting and delivering engagement for review by ITRA Managers or Senior Managers

  • Gaining an understanding of the clients' IT applications and infrastructure to determine the effectiveness of the control environment through performing and reviewing process walkthroughs

  • Reviewing detailed analysis of the control environment to gain assurance over effective operation of controls

  • Identifying control weaknesses and any mitigating controls

  • Reviewing working papers and supporting evidence in line with internal compliance requirements

  • Effectively articulating control findings to key client stakeholders.

Skills and attributes for success

We are looking for individuals with the passion and commitment to eventually become a Partner in our business.

Applicants should have a proven track record of delivering either Assurance or Advisory services in a selection of the following areas:

  • IT risk, control and audit skills: S4/HANA Finance, Oracle, Hyperion, Dynamics, mid-tier accounting packages

  • IT risk, control and audit skills: Database systems including DB2, Sybase, RDS, OS/400, Oracle

  • IT risk, control and audit skills: Operating systems including OS/400, Windows, Unix (flavours incl AIX, HPUX, Red Hat, Solaris)

  • IT risk, control and audit skills: SOx404 process control mapping (for risks and controls), IT testing, IT test and exception handling documentation, IT risk and control improvement

  • Core GAM competencies (including compulsory training and certification): audit planning, audit documentation (subject to FRC inspection), audit testing incl exception handling, use of GAM, use of Canvas, integration with Audit

  • ITPRM skills: Process controls, ITGC controls, SOD controls, migration risks and controls, HYpercare controls, interface controls, IPE controls

  • SOCR skills: ISAE3402 frameworks, SSAE16 frameworks, COSO, COBIT, sampling, control descriptions, testing, exception handling, reporting

  • Ongoing interactions with CIO, CFO, GFC, CISO, Head of Change, Head of Risk, Head of Audit, Head of Digital

Throughout the assessment process, we will look for strong evidence of:

Core consulting skills:

  • Advanced data & evidence management, client management on remediation programmes, driving innovation & continuous improvement

Technical skills:

  • Strong technical insight, practical knowledge & capability in your specialist capability.


  • Proven ability to adapt and learn in an innovative environment.

What we look for

As an ambassador for the IT Risk & Assurance team, you will need to build a strong network internally and be able to exceed our clients' high expectations. We are seeking high performing individuals who have been recognised for exceeding expectations.

What working at EY offers

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

  • Support and coaching from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that’s right for you

EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build abetter working world. That starts with a culture that believes in giving you the training, opportunities andcreativefreedom to make things better.Whenever you join, however long you stay, theexceptionalEY experience lasts a lifetime.And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Build your legacy with us.

Apply now.