This position could be located in NY, NC, IL, CA.

EY is a leader in serving the global financial services marketplace and the only professional services firm with a separate business unit dedicated to the financial services industry – the Financial Services Organization (FSO). Our focused model and bold ambition have put us at the center of the events that continue to reshape and redefine our industry, working side by side with a range of clients from our most venerable institutions to dynamic new entrants across Banking and Capital Markets, Wealth and Asset Management, Insurance, and Real Estate, Hospitality and Construction. Our purpose is to help build a financial services industry in which financial institutions are trusted and flourish, and the global economy is healthy, growing and secure. If you have a passion for rallying together to solve complex challenges, then come join our dynamic FSO team!

The opportunity

Join the leading Digital Risk team, the IT internal audit, SOX, and 1st line and 2nd line control testing service provider to the financial services industry, providing industry-focused professionals with deep knowledge in internal audit, SOX, approaches/methodologies and IT controls, regulatory, privacy and security skills.

Everything you will be involved comes down to providing professional services to clients and helping ensure your teams do the same. Whether it is performing and managing IT internal audit outsource/co-sourced/transformation engagements, addressing client concerns over internal controls around security and/or privacy, performing IT SOX assessments and assisting with business development activities across financial services’ sectors, you will build strong relationships and become a trusted advisor to your clients while focusing on identification, rationalization, testing, and optimization of risks and controls.

Within EY’s Technology Risk practice, you will be working with client personnel and your team to assess the internal audit universe, plan and perform the risk assessment for internal audit, analyze and evaluate company’s complex IT systems, infrastructure, and risk issues, ensuring the execution of the audit plan and preparing audit reports to be shared with key stakeholders.

In addition to our IT Internal Audit and SOX offering, you will support control testing programs or targeted IT assessments across other lines of business whether it be regulatory or risk driven.

Some projects that you will be part of cover key topics such as agile methodologies and emerging risks such as generative Artificial Intelligence (AI), cloud security, cyber security and resiliency, automation, internal control analysis and testing, controls transformation, Sarbanes-Oxley (SOX) testing, and specialized functional and technical assessments to be in line with risk advisory.

In this role, you will help organizations assess their overall risk and execute on their operational risk frameworks. You will understand how quality and risk topics work together and execute on the enterprise risk framework controls and continued enhancement of the enterprise risk framework. Leveraging appropriate enterprise risk assessment techniques and risk mitigation techniques, you will:

• Develop and maintain risk control frameworks and design solutions in real time that can help define risk appetite, risk tolerance, and KRIs for organizations.
• Design and develop an Asset Management platform or a tool for continuous monitoring of technology (hardware and software)
• Provide recommendations to drive cost efficiency in current usage and future spend.

Your key responsibilities

In this role, you will be responsible for contributing to the delivery of one or more processes, solutions, and/or projects by delivering agreed activities, applying judgment, and selecting appropriate methodologies to inform recommendations, considerate of success criteria, barriers, risks, and issues. You will be accountable for meeting your own targets which impact the immediate team and may help coordinate the work of junior colleagues or team members. This role presents challenges and opportunities to solve complex problems, learn new skills, and contribute to the growth and success of the organization. The position may require regular travel as needed by external clients.

• Make decisions based on broad policies, applying personal knowledge/experience and/or precedents to guide decisions and resolve issues.
• Work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
• Provide general guidance as needed to others newer to the role or at a lower level.

Skills and attributes for success

To excel in this role, you should possess a blend of technical and business skills, along with the ability to make informed decisions based on broad policies and personal knowledge. Your ability to analyze complex issues and provide guidance to others will be crucial. The following skills and attributes will contribute to your success:

• Providing guidance, participating in performing procedures focusing on complex, judgmental, and/or specialized issues, and applying deep knowledge in in IA and SOX approaches/methodologies and IT controls, regulatory, privacy, and security skills
• Collaborate with other members of the engagement team to plan the engagement and develop work programs and execution enablers, including approach, tasks, timelines, and budgets.
• Serving as a fieldwork leader by directing the daily progress of fieldwork, informing supervisors of engagement status and managing staff performance
• Using knowledge of the current IT environment and financial services industry IT trends to identify the engagement and client service issues and communicating this information to the engagement team and client management through written correspondence and verbal presentations.
• Maintaining relationships with client management, managing expectations around work products, timing, and deliverables billing
• Demonstrating a thorough understanding of end-to-end internal audit/SOX lifecycle, complex information systems and the client’s business/industry
• Demonstrating excellent project management skills, communication skills to effectively interact with clients and team members.
• Inspiring teamwork and responsibility with team members. Using current technology/tools to enhance the effectiveness of deliverables and services.
• Assist with practice development and marketing initiatives includes sales, proposals, and go-to-market deliverables to expand our business and footprint.
• Decisions are based on broad policies, applying personal knowledge/experience and/or precedents to guide decisions and resolve issues.
• Ability to work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
• Provide general guidance as needed to others newer to the role or at a lower level.
• Strong critical thinking abilities.

To qualify for the role, you must have

• A bachelor’s degree and at least 3 years of related work experience
• A degree in business, accounting, finance, computer science, information systems or a related discipline
• Approximately 3 years of experience working as an IT auditor or IT risk advisor for a public accounting firm, professional services firm or financial services company, or comparable experience as an advisor to a financial service company
• Experience leading IT internal audit, external audit, service organization control reporting and/or IT internal controls engagements and assisting with business development activities within financial services.
• Experience with internal audit risk assessments, SOX/internal controls, tools and enablers within financial services
• Strong project management skills, including the ability to work on multiple projects at the same time
• Advanced written and verbal communication skills and presentation skills
• Excellent leadership, teamwork and client service skills.
• Willingness to travel, when necessary
• Proficiency in circular economy
• Expertise in continuous risk assessment
• Deep sector expertise
• Skills in impact measurement
• Experience in real-time solutioning
• Proficiency in risk analysis
• Expertise in risk function
• Skills in risk identification
• Experience in risk mitigation
• Proficiency in scenario analysis
• Expertise in stakeholder management
• Skills in technology asset management
• Experience in trend analysis
• Understanding of program risks
• Ability to build and manage relationships
• Skills in client trust and value
• Commercial astuteness
• Skills in communicating with impact
• Complex problem-solving abilities
• Critical thinking skills
• Digital fluency
• Ability to drive outcomes
• Global mindset
• Skills in hybrid collaboration
• Learning agility
• Commitment to sustainability

Ideally, you’ll also have

• CPA, CA, CISA, CRISC, CISSP, CISM, CBCP, CIA or CFE is required
• 3+ years of experience working in financial services for a public accounting firm, professional services firm or financial services company, or comparable experience as an advisor to a financial services company
• 2+ years of experience working with the real estate ERP solutions Yardi or MRI, including testing of IT controls and/or supporting implementations2+ years of experience working with Blackline, including testing IT controls and/or supporting implementations
• 2+ years of experience working with common GRC solutions AuditBoard and/or Workiva
• Experience in managing large-scale projects
• Proficiency in advanced data analytics
• Experience with regulatory compliance
• Skills in financial risk management

What we look for

We are looking for individuals who are passionate about risk management and have a keen eye for detail. Top performers in this role are proactive, analytical, and possess strong problem-solving skills. They communicate effectively with clients and team members and are committed to continuous learning and improvement.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.