IT Risk Consultant at Ernst & Young

The opportunity

• We are actively seeking a Senior to join our IT Risk team.
• You'll work alongside respected industry professionals, learning about and applying leading practices to better manage IT risk and cybersecurity people, process and technology capabilities.
• You'll gain insights into the design and operations of Information Technology risk programs and audits in a variety of industries and learn how to design measurable, sustainable programs to keep up with the ever-changing technology landscape.
• This position falls within our Advisory team, which helps our clients enhance the effectiveness of operations functions by assisting them as they shift their emphasis from transaction-level control, processing and reporting to more value driven, decision support and analytics.

Your Key Responsibilities

• As a Senior, you'll contribute technically to IT risk and cybersecurity client engagements and internal projects.
• An important part of your role will be to actively establish internal and external relationships.
• You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate.
• Similarly, you'll anticipate and identify risks within engagements and raise any issues with senior members of the team.
• In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer.
• This role requires willingness and ability to travel approximately 50-70%.

Experience And Qualifications

• A minimum of 5 years’ experience in IT Audit
• Experience conducting technical audits of complex technology environments including infrastructure (network, cloud, virtual systems), databases (oracle, MS SQL, DB2), applications, operating systems (Windows, Linux, AIX etc), cyber and information security, disaster recovery and business resilience.
• Experience conducting information and cyber security risk assessments.
• Experience using IT Audit and security tools.
• Experience auditing SAP application is preferred.
• Knowledge in IT and security frameworks, standards, and regulations such as COBIT 2019, ISO 27001, ISO 22301, NIST, PCI DSS, Critical Information Infrastructure (CII) Directive of Ghana etc.
• Conversant with design and review of IT and information security policies and procedures.
• Good writing, communication, and presentation skills.
• Team player with leadership skills and aspirations.
• A bachelor’s degree in a relevant field of study (information technology, computer science, cybersecurity, information security, IT engineering etc.).
• A master’s degree in a relevant field of study would be an added advantage
• CISA certification is required.
• Certification in one or more of the following is preferred CRISC/CISM/ CISSP/ ISO 27001 LA / ISO 22301 LA.
• Certification in one or more of the following would be an added advantage, ISO 27032/ PCI DSS QSA, / CompTIA Security+/CEH/ CompTIA PenTest+