IT Risk Advisor, Risk Transformation (GRC-SAP) (Manager) (Multiple Positions) , Ernst & Young U.S. LLP, Houston, TX.
Provide IT Risk Advisory services to help clients optimize their processes and controls to drive efficiencies, improve risk coverage and help eliminate redundant as well as manual, labor intensive controls. Advise on process and controls improvement, to help clients optimize their processes and controls by focusing them on risks, taking advantage of opportunities to streamline and eliminate duplicative controls and leveraging technology to automate controls. Help clients improve their overall mix of controls while reducing risk exposure so that they can better focus on running their business. Help clients assess, design, and implement an array of GRC technology platforms to better grow, optimize and protect their businesses. Provide clients with services ranging from developing the business case for GRC technology to helping implement GRC technology platforms to address areas such as security and controls and audit, risk, policy and issue management. Assist clients with GRC technology services to complement the design of application security, process controls or continuous monitoring.
Manage and motivate teams with diverse skills and backgrounds. Consistently deliver quality client services by monitoring progress. Demonstrate in-depth technical capabilities and professional knowledge. Maintain long-term client relationships and networks. Manage project delivery. Cultivate business development opportunities.
Full time employment, Monday– Friday,40hours per week, 8:30 am – 5:30 pm
Must have a Bachelor's degree in Accounting, Finance, Business, Computer Science, Information Systems, Engineering or a related field and 5 years of progressive, post-baccalaureate work experience. Alternatively, will accept a Master's degree in Accounting, Finance, Business, Computer Science, Information Systems, Engineering or a related field and 4 years of related work experience. Of the required experience, must have 4 years of experience: - Using the SAP ERP system from a program and project delivery perspective, including an understanding of SAP application controls, or SAP architecture and solution design, information management, implementation, and operations. Project management and engagement delivery. Must have at least 4 SAP GRC implementations or 4 years of experience in business process controls. Must have 2 years of experience in at least one of the following regulatory compliance models: SOX, FDA, FERC/NERC, HIPAA. Must have 3 years of professional services client facing consulting experience. Must have 2 years of experience in at least 2 of the following areas: - Program management for large scale business transformation projects and programs; - Developing new business with existing clients at the C' level of Fortune 500 companies; OR - Leading a team of consulting professionals on multiple projects. Must be eligible to obtain certification in one of the following: CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT, CRISC, PMP, MBCI, FBCI, CBCP, or MBCP within 1 year from date of hire. Travel required up to 80%, of which 25% may be international to serve client needs. Employer will accept any suitable combination of education, training or experience.
TO APPLY: Please apply on-line at ey.com/en_us/careers, and click on “Find jobs” (Job Number – HOU003US).
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.
This particular position at Ernst & Young in the United States requires the qualified candidate to be a 'United States worker' as defined by the U.S. Department of Labor regulations at 20 CFR 656.3. You can review this definition athttps://www.gpo.gov/fdsys/pkg/CFR-2011-title20-vol3/pdf/CFR-2011-title20-vol3-sec656-3.pdf at the bottom of page 750. Please feel free to apply to other positions that do not require you to be a 'U.S. worker'.