Get Latest Jobs Via Email
General Roles & Responsibilities:
- Collaborate with other members of the engagement team to plan the engagement and develop work plan execution timelines, risk assessments and other planning documents.
- Work with the audit team to document the business processes dependent on information systems.
- Perform testing in the audit program and prepare work papers evidencing work done.
- Prepare audit report including weaknesses noted in the systems of internal controls, non-compliance with procedures and the recommendations for improvements.
- Collect and analyze complex data, evaluating information and systems, and drawing logical conclusions.
- Ensure high quality in terms of client and time management in client service by directing daily progress of fieldwork and informing supervisors about engagement status.
- Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations.
- Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members and use current technology and tools to enhance the effectiveness of deliverables and services.
Focused Roles & Responsibilities:
Quality Service / Client Care
- Provides and demonstrates value to clients.
- Commits to meeting clients expectations.
- Understands Clients’ problems or needs through analyzing their RFP (Request for Proposal) document.
- Execute programs to assess IT systems from a strategic perspective, benchmarking against leading or best IT practices in industry.
- Execute the audit of computer systems and IT infrastructure.
- Execute the audit of Web Based applications.
- Go to the client field and tries to understand the client environment through holding several meetings with the key employees at the client’s side, and conducting some readings and analysis to the system documentation.
Desired Skills and Experience
- Two to three years’ experience in the field of Internal and External Attack & Penetration (A&P) Testing, Vulnerability Assessment, Information Security Risk Management, ISMS Implementation, or Information Systems Audit.
- Experience of Professional Services Firms or Specialized Vendors is desirable.
- Strong knowledge in the following areas is desirable:
- A&P Tools Usage and Information Gathering from tools for reporting
- Standards such as ISO 27001, ISO 27005
- Technology footprint assessment for Risk Identification and Analysis
- BS (CS or IT), or BCS
- Professional qualifications such as CISSP / CISA / CISM / CEH / ISMS 27k LI / ISMS 27k LA. Certification in any of the aforementioned disciplines would be an advantage
- Strong skills and knowledge of control frameworks.
- Skills in negotiating issues and resolving problems.
- Effective verbal and written communications, including skill in presenting findings and recommendations.
- Skills in planning and working under pressure while meeting multiple deadlines.
- Strong business acumen and process improvement skills.
- Strong leadership and interpersonal skills.
- Ability to establish and maintain harmonious working relationships with co-workers, staff and external contacts, and to work effectively in a professional team environment.
Deadline for application submission: 27 June 2015
Who we are
At Ernst & Young we support you in achieving your unique potential both personally and professionally. We give you stretching and rewarding experiences that keep you motivated, working in an atmosphere of integrity and teaming with some of the world’s most successful companies. And while we encourage you to take personal responsibility for your career, we support you in your professional development in every way we can. You enjoy the flexibility to devote time to what matters to you, in your business and personal lives. At Ernst & Young you can be who you are and express your point of view, energy and enthusiasm, wherever you are in the world. It’s how you make a difference.
Information technology is one of the key enablers for modern organizations to compete. As one of our technology risk professionals, you will help clients improve the competitive advantage of their information technology operations through enhanced cost efficiency and managing the risks associated with running their systems. We will help you develop the skills you need to be successful. And as part of a market-leading global network of 6,000 technology risk professionals, you will gain valuable experience across industries and geographies and have the opportunity to deepen your subject matter knowledge.