EY Technology Risk - IT Audit, Senior in Trivandrum, India
Technology Risk - IT Audit, Senior
Requisition # TVM000M3
Post Date May 15, 2019
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.
EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.
Plan and execute Application controls and IT General controls review
Experienced in reviewing ERPs such as SAP and Oracle
ISO 27001 readiness reviews for different clients
Perform information security risk assessments
Conduct SOX (Sarbanes Oxley Act)–ITGC audits
Review security policies, standards and procedures
3+ years of Big 4 experience in ITGC and Application reviews
MCA/BTech /BSc ( Comp Science/Electronics and communication, or equivalent) or CA
6-10 years of core experience in conducting internal/external IT Audit (ITGC/SOX Compliance)
The candidates must have core understanding and knowledge in performing IT audit/Financial audits integrated with IT (FAIT)/SOX compliance
The candidates must have strong experience in auditing multiple ERPs, Databases and applications.
The candidates must be in a position to articulate Risks mapped with each ITGC controls and must be able to conduct audits in various environments.
The candidates must have moderate/excellent understanding in performing IT application related controls in Financial applications
The candidates should also have the skills to communicate fluently in English to the clients/customers. Customer/client facing experience is an added advantage
The candidates must also possess any of the other information security competencies such as ISO 27001 implementation, SAP ERP knowledge and installation experience, Business Continuity, CoBIT 5, Infor Sec Policies & Procedures development, Risk Management, Security Monitoring tools such as Qualys, ArcSight, Splunk.
Travelling is a mandatory requirement for this position, as multiple travels are expected for this role. Hence the candidates must have a valid passport with their academic certificates attested from the embassy (Attestation can be also carried out by EY mobility team if not done)
Communication in English (Both Spoken and written) must be fluent and clear.
LA 27001/CISA/CIA or other related certification/trainings related to Information security audits