About the role
AI summarisedManager role in EY's Financial Services Office (FSO) focusing on technology risk and regulatory assurance for financial institutions. Leads engagements to assess IT controls, cybersecurity, and compliance with standards like NIST and MAS, providing strategic guidance to clients.
BusinessFull-timeGeneral
Key Responsibilities
- Lead and manage regulatory assurance engagements focusing on technology risk management processes and controls for financial institutions, ensuring the timely and high-quality delivery of services
- Plan, coordinate, and execute audit procedures to assess the overall risk profile of the client, establish areas of assessment focus and thematic risks based on industry and regulatory requirements
- Evaluate the effectiveness of internal controls related to IT systems, cybersecurity, data privacy, and regulatory reporting based on regulatory, policy and other relevant stipulations
- Assess the adequacy of risk management frameworks and controls in mitigating technology related risks, including but not limited to operational, security and compliance risks, to identify areas for improvement and enhancement
- Interpret and apply regulatory requirements, standards and frameworks relevant to financial institutions in the context of audit engagements
- Develop comprehensive reports detailing observations and recommendations. Support the presentation of our perspective of identified observations and recommendations to the Board of Directors, Senior Management or other delegate management bodies of the client
- Collaborate closely with clients to understand their business objectives, risk appetite and regulatory obligations, providing strategic insights and guidance tailored to their needs
- Stay abreast of emerging trends, regulatory changes, and industry developments in technology risk management to ensure audit approaches and procedures remain current and effective
- Mentor and develop team members, providing coaching, training, and feedback to support their professional growth and development
- Engage in continuous improvement initiatives to enhance audit processes and tools for increased efficiency and effectiveness
Requirements
- Bachelor Degree in Information Technology, Information Systems Management, Computer Engineering, Computer Science, Cybersecurity or similarly related discipline
- Professional certifications such as CISA, CISSP, CISM, is preferred
- Minimum of 5 years of experience in internal or external audit, risk management, or compliance within the financial services industry, with a focus on IT / technology risk management/ cybersecurity
- Candidates with experience in internal audit covering technology risks and cybersecurity will be considered
- Deep understanding of technology risks faced by financial institutions, regulatory requirements and standards applicable to financial institutions, and internationally accepted IT or Cybersecurity standards and frameworks (e.g. NIST, COBIT, ITIL, ISO 2700x), with the ability to interpret and apply them effectively
- Having proven track record of leading and managing regulatory assurance engagements, including planning, execution and reporting will be advantageous
- Strong analytical, problem-solving and communication skills, with the ability to convey complex technical concepts clearly and persuasively
- Excellent project management and leadership skills, with the ability to prioritise tasks, allocate resources, and meet deadlines effectively
- Collaborative mindset with a demonstrated ability to build relationships, influence stakeholders and work effectively in a team-oriented environment
- Comfortable in a client-facing environment, knowledgeable in technology risk and cybersecurity, and possess strong project management, analytical and team collaboration skills
- Able to demonstrate integrity and professionalism in the course of work