Technology Risk & IT Audit Senior Consultants

EY

EY is a global leader in Assurance, Tax, Consulting and SaT (Strategy and Transactions) services.

The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

Our 280 000 people, in more than 150 countries, are united by our shared values, which inspire our people worldwide and guide them to do the right thing, and our commitment to quality, which is embedded in who we are and everything we do. Our offices around the world use the same methodology and are linked through an integrated technology platform to enable instantaneous communication and collaboration among team members, regardless of location. As a member of EY Global, in Turkey we operate in 5 offices located in Istanbul, Ankara, Bursa and Izmir, with more than 1600 people for 30 years.

Risk Consulting: Technology Risk & IT Audit

Management and boards of directors rely heavily on IT audit to provide important proactive assessments and assurance around the effectiveness of controls and company processes, while also providing objective consulting support. In the new digital economy, technology plays an increasingly important role in every company’s governance framework. As an IT audit professional, you will be participating in engagements to identify technology control enhancements, IT operational and compliance process improvement and efficiency opportunities, as well as company-wide cost improvements. EY is a global leading service provider in this space, with a reputation for high quality and cost-effective innovative offerings. 

The opportunity

As a new joiner within the IT audit team, you will participate in multiple client engagement teams. Engagements focus on the assessment and/or evaluation of Information Technology (IT) systems and the mitigation of IT-related business risks. Engagements may vary considerably in size and complexity. Primary industries include financial services, telecommunications, technology, government, manufacturing, retail and public companies.

You will serve as a fieldwork team member to assist clients in employing proper information systems, resources, and controls to maximize efficiencies and minimize risk, as well as achieving compliance with regulations and best practice frameworks. You will work with client personnel to analyze, evaluate, and enhance information systems facilitating the business internal control process, and will assist clients and other audit professionals in performing information technology control and security engagements.

The matters we cover-we offer the following services to our clients:

·        Technology risk assessments

·        Regulatory IT audits (BDDK, SPK, KGK, SOX, etc.)

·        IT framework implementation (e.g. COBIT, ISO standards, security frameworks, ITIL, TOGAF, etc.)

·        Risk and control analytics and risk technology services

·        IT application reviews

·        IT contract reviews

To qualify for the role you must have

·        You have a minimum of 2 years up to 5 years of experience working as an IT auditor or IT risk advisor for a public accounting firm, a professional services firm, or within industry. You also have prior consulting experience with a Big 4 firm, consulting or audit firm or large global institution.

·        You will bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ITGCs for financial statement audits; (b) internal or operational audits; (c) Service Organization Controls Reporting engagements; and/or (d) ERP security and control reviews (Oracle, SAP, PeopleSoft),(e) consulting projects in the areas of IT Security /IT Compliance or Data Analytics;

·        You may also have one (or more) relevant certifications, such as CISA, CISM, CGEIT, CRISC, ITIL, CISSP, CIA; ISO27001, ISO22301, Prince2 or PMP, which are considered an advantage. If you are non-certified, you are required to become certified within 1 year from your date of hire.

What we look for 

We’re interested in highly motivated talented individuals with a strong willingness to think outside of the box. You can expect plenty of autonomy in this role, so you’ll need the motivation to take initiative and seek out opportunities to improve our current relationships and expand our business in the evolving market. If you’re serious about IT auditing and consulting and ready to take on some of our clients’ most complex issues, this role is for you.