As part EY's Consulting practice, the Technology Risk (TR) Manager is responsible for managing multiple client engagement teams, driving business development and growth, leading initiatives, facilitating trainings, and coaching/mentoring. Engagements As part EY's Consulting practice, the Technology Risk (TR) Manager is responsible for managing multiple client engagement teams, driving business development
and growth, leading initiatives, facilitating trainings, and coaching/mentoring. Engagements focus on the assessment of IT systems and the mitigation of IT-related business risks. Engagements may be either assurance (attestation) and/or consulting in nature and vary in and complexity, depending on the client. All our services whether assurance or advisory in nature are designed for the dual purpose of strengthening internal controls and, in so doing, helping to improve IT and business performance. In addition to assurance-related engagements such as financial attestation and Service Organization Controls (SOC) engagements, our consulting services focus on IT SOX, IT Internal Audits, Cloud and Emerging Technology audits, IT Asset Management and Risk Analytics. KEY RESPONSIBILITIES: Engagement Management Provide high quality client service, working directly with onshore and/or client teams to understand and evaluate client's IT environment and controls. Manage predominantly offshore engagements. Communication, written and verbal, with the onshore EY and/or client teams would be expected. Manage engagements throughout the engagement lifecycle from initiation, planning, execution and reporting to ensure that deliverables are provided as per the expected quality, compliant with the EY methodology and within timelines. Manage the engagement risks, issues/escalations and metrics. Review the work program, work papers and provide guidance in performing the test procedures. Set, coordinate and lead meetings for key engagement milestones and provide periodic status updates to onshore Engagement Management and/or client teams. Report control deficiencies identified and evaluate the overall impact. Identify opportunities for improvement/provide recommendations to mitigate the control deficiencies noted. Business Development Develop and maintain team, onshore and client relationships to manage expectations. Improve the GDS integration/penetration rate and hours on the current portfolio of accounts. Identify any new potential business opportunities on the accounts and introduce/endorse other TR and consulting solutions. Lead strategic initiatives that will drive growth, quality, technical capabilities and process improvements. Coaching/Mentoring: Be the counselor for TR Seniors and/or Consultant and ensure alignment with the counselee's professional/personal goals against the broader team and organization. Set goals, monitor the performance and provide guidance/direction to drive professional growth. On the engagements, coach/mentor newer/less experienced engagement team members. Practice Development: Facilitate virtual/classroom trainings to the broader TR teams. Comply with mandatory independence, risk management and training requirements. Lead internal committees and drive internal process improvements Skills and attributes for success: At least seven (7) years' experience, of which at least two (2) years should be in a Managerial role, related to audits/reviews of: IT General Controls across different platforms (Application, Operating System, Database) related to the following areas/domains: User Access Management Change Management Backup and Recovery Management Batch Job Management Problem/Incident Management System development/acquisition, migration and implementation. IT Application/Automated Controls related to various business processes such as Procure to Pay, Order to Cash, Inventory, Payroll, Treasury, Record to Report, etc. System-Generated Report/Information Produced by Entity (IPE) testing. IT SOX, IT Internal Audit, Service Organization Controls (SOC), Information Security
review and/or Cloud Security review/testing. Working experience with the following: ERP/Application systems particularly SAP ECC/S4Hana and Oracle EBS/Fusion. Operating Systems (Windows Server, UNIX/Linux, OS/400, etc.) Databases (Microsoft SQL, Oracle SQL, DB2, SAP HANA, etc.) Cloud technologies (PaaS, SaaS, virtualization, etc.) Working experience/knowledge with leading industry standards and frameworks such as SSAE 16/ISAE 3402, ISO/IEC 27001, COBIT, ITIL, COSO etc. Strong communication, business development, correspondence, presentation/facilitation and coaching skills. Holding at least one of the following or other relevant/equivalent professional certifications: CISA, ISO27001 Auditor/Lead Auditor, CISM, CRISC. Excellent project management, leadership, teamwork, problem solving, innovation and client service skills. Excellent presentation, written and oral communication skills. With at least one of the following certifications-CISA, CISM, CRISC, CIA non-certified hires are required to become certified within 1 year from the date of hire. To qualify, you must: Possess a bachelor's degree in Accounting, Computer Science, Information Systems, Engineering, or other related discipline. Have prior work experience as IT Audit Manager, IT Internal Audit Manager
, IT Compliance Manager, IT Risk Manager, Information Risk Manager, Information Security Manager and other related roles. Must be amenable to work in McKinley Hill, Taguig City. be amenable to work long working hours, particularly during the busy season and when necessary. possess a valid passport.
Ernst & Young Global Services Philippines Inc