Manager - IT Risk Consultant at Ernst & Young

The opportunity

•  We are actively seeking a manager to join our IT Risk team. You will work alongside respected industry professionals, learning about and applying leading practices to better manage IT risk and cybersecurity people, process and technology capabilities. You will gain insights into the design and operations of Information Technology risk programs and audits in a variety of industries and learn how to design measurable, sustainable programs to keep up with the ever-changing technology landscape.
• This position falls within our Advisory team, which helps our clients enhance the effectiveness of operations functions by assisting them as they shift their emphasis from transaction-level control, processing and reporting to more value driven, decision support and analytics.

Your key responsibilities

• As a manager, you will contribute technically to IT risk and cybersecurity client engagements and internal projects.
• An important part of your role will be to actively establish internal and external relationships
• You will also identify potential business opportunities for EY within existing engagements and escalate these as appropriate
• Similarly, you will anticipate and identify and address risks within engagements
• In line with EY's commitment to quality, you will confirm that work is of high quality and is reviewed by the next-level reviewer. This role requires willingness and ability to travel approximately 50-70% of the time
• Identify business opportunities where we can leverage our technology solutions to drive our client’s transformation agenda
• Develop technical proposals in response to client solicitations

Experience and qualifications

• A bachelor’s degree in a relevant field of study (information technology, computer science, cybersecurity, information security, IT engineering etc.)
• A master’s degree in a relevant field of study would be an added advantage
• A minimum of seven (7) years’ experience in IT Audit
• CISA certification is required
• Certification in one or more of the following is preferred CRISC/CISM/ CISSP/ ISO 27001 LA / ISO 22301 LA
• Certification in one or more of the following would be an added advantage, ISO 27032/ PCI DSS QSA, / CompTIA Security+/CEH/ CompTIA PenTest+
• Experience conducting and leading technical audits of complex technology environments including infrastructure (network, cloud, virtual systems), databases (oracle, MS SQL, DB2), applications, operating systems (Windows, Linux, AIX etc), cyber and information security, disaster recovery and business resilience
• Experience in conducting and leading information and cyber security risk assessments
• Experience using IT Audit and security tools.
• Experience in conducting and leading audits of SAP application is preferred
• Knowledge in IT and security frameworks, standards, and regulations such as COBIT 2019, ISO 27001, ISO 22301, NIST, PCI DSS, Critical Information Infrastructure (CII) Directive of Ghana etc
• Conversant with design and review of IT and information security policies and procedures
• Good writing, communication, and presentation skills
• Good leadership and management skills

We offer you

• Work with a bright, friendly, enthusiastic and energetic team
• An opportunity to develop your personal and business skills by working on challenging projects with some of the most well-known companies as well as through our extensive learning and development programs
• Receive a competitive remuneration package