Ernst & Young is a global leader in assurance, tax, transaction and advisory services. We aim to have a positive impact on businesses and markets, as well as on society as a whole.
At Ernst & Young we support you in achieving your unique potential both personally and professionally. We give you stretching and rewarding experiences that keep you motivated, working in an atmosphere of integrity and teaming with some of the world's most successful companies. And while we encourage you to take personal responsibility for your career, we support you in your professional development in every way we can. You enjoy the flexibility to devote time to what matters to you, in your business and personal lives. At Ernst & Young you can be who you are and express your point of view, energy and enthusiasm, wherever you are in the world. It's how you make a difference.
Assurance gives organizations and their investors the confidence that the results they report give a true and fair picture of their business. As an assurance professional at Ernst & Young, you'll work in a high-performing and inclusive environment that offers you great opportunities to develop an interesting and fulfilling career, wherever you are in the world. You will work in multidisciplinary teams to handle complex issues and resolve challenges for leading companies. We'll support you in your professional development so you achieve your potential. As a result of growth, vacancies exist in all our service lines.
We are currently recruiting for the Position of:
Job Title: IT Risk & Assurance Manager
Ref.: NIG0000T
Location: Lagos, NG
Job Purpose
- As an IT Risk and Assurance Manager, you'll actively establish, maintain and strengthen internal and external relationships. With the guidance of partners, directors and senior managers, you'll identify potential business opportunities for Ernst & Young. Drawing on your knowledge and experience, you'll provide innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs and contribute to thought leadership.
- You'll actively contribute to improving operational efficiency on projects and internal initiatives. In line with our commitment to quality, you'll consistently drive projects to completion and confirm that work is of high quality. Your role in leading teams - or parts of teams - on engagements will depend on the size of engagement. When working on engagements, you'll report to higher levels of management, who will expect you to anticipate and identify risks, and raise any issues with them as appropriate.
- As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Client Responsibilities
- Participate in IT Risk and Assurance engagements.
- Help manage the financial aspects of engagements by organizing staffing, tracking fees and communicating issues to project leaders.
- Participate in business development initiatives.
- Build strong internal relationships within Ernst & Young Advisory Services and with other services across the organization.
People Responsibilities
- Develop people through effectively supervising, coaching, and mentoring staff.
- Conduct performance reviews and contribute to performance feedback for staff.
- Contribute to people-related initiatives including recruiting, retaining and training IT Risk and Assurance professionals.
- Maintain an educational program to continually develop personal skills of all staff.
- Understand and follow workplace policies and procedures.
Technical Skills Requirements You'll have knowledge and experience of a number of the following areas, and be developing deep experience and technical competence in at least one:
1.) Governance and IT management.
IT governance and risk:
- Control frameworks such as COSO
- Enterprise risk services with a specific focus on IT, and related industry standards
- IT risk management framework
- Common IT governance and control industry frameworks, including CObIT, RiskIT, ValIT, IT
- Governance Institute and ISACA good practices
- IT industry frameworks such as ITIL and CMM
Project Risk:
- Robust understanding of program and project management practices
- Familiarity with a typical IT systems development life cycle
- Experience in developing technical skills specific to a solution, e.g., SAP, Oracle, CRM
- Proven business process/analysis skills
2.) IT assurance and compliance
3.) A broad appreciation of business processes, data structures, IT applications and infrastructure, IT processes, and governance and internal control principles.
4.) Depending upon your specific area(s) of focus, you'll have additional skills and knowledge in:
- IT audit in the context of a financial audit, and related regulations, auditing standards and guidelines
- Control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX
- Internal audit services with a specific focus on IT, and related industry standards
- Common IT governance, control and assurance industry frameworks, including CObIT, RiskIT, ValIT, IT Governance Institute and ISACA good practices
- IT industry frameworks such as ITIL and CMM
- Third party reporting standards (particularly SAS 70), other reporting and industry specific standards and, if applicable, trust based standards such as SysTrust and WebTrust
5.) Infrastructure:
- Technically enabled IT /business transformation, program and project delivery, design, architecture and solution design, information management, implementation, operations, and management of IT infrastructure
- Information systems security assessment, design, architecture, implementation
- management and reporting
- Strong technical or security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems
- Familiarity with IT analysis, delivery and operations methods, including SDLC and CMM
- Experience with programming languages such as Java, C, C++, C#, asp, and .NET
- Familiarity with security and risk standards such as ISO 2701-2, PCI DSS, NIST, ITIL, COBIT
- Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing
- An understanding of web-based application vulnerabilities, and experience in application security review and testing
- Experience of manual attack and penetration testing above and beyond the running of automated tools
- Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)
6.) Applications
- Application controls and security experiences involving ERPs:
a.) Security modeling
b.) Sensitive access and SoD testing
c.) Controls testing
- Process systems and integrity, including risks and controls within business processes (manual, automated, security)
- Change management
- Project management and program management office (PMO) experience involving ERPs
- Project assurance/advisory services experience involving ERPs:
a.) System selections
b.) Targeted assessments
c.) Pre- and post-implementation reviews
- Basic programming compliant with ACL, DB and Microsoft Office skills/experience, e.g., Excel and Access
7.) Data:
- Data/information management and manipulation.
- Information architecture and integration design.
- Information analysis and business intelligence tools.
- ETL tool usage, design and deployment.
- Database (relational and multidimensional) design, deployment and scripting.
- Data governance and data quality design, deployment and tools.
You'll have knowledge and experience in one or more of Ernst & Young's priority industry sectors:
- Government & Public Sector
- Utilities
- Consumer Products
- Industrial Products
- Technology
- Communications & Entertainment
- Healthcare.
Additional Skills Requirements:
- Demonstrated track record with a blue chip consulting organization and/or a blue chip organization.
- Strong academic record including a degree.
Application Closing Date
15th April, 2014.
Method of Application
Qualified and interested candidates should:
Click here to apply online