Key skills
Cyber SecurityERPLeadershipRisk ManagementChange Management
About this role
Role Overview
- Gain an understanding of the assigned clients’ business objectives, IT environment, and applicable regulatory and risk management landscape
- Lead projects in the areas of IT General Controls (ITGC) assessments, Sarbanes-Oxley (SOX) IT compliance, ERP/application control reviews, and cybersecurity risk assessments
- Leverage knowledge of industry-specific systems, applications, and infrastructure to identify technology risks and evaluate their impact on business and financial reporting
- Assess the design and operating effectiveness of IT controls related to access management, change management, system operations, and data integrity
- Obtain and analyze system-generated data, configurations, and logs as a basis for evaluating control environments and identifying gaps
- Demonstrate proficiency in developing IT control process flows, risk/control matrices, and testing strategies for general and automated application controls
- Maintain the level of technical competency and professional care required for the completion of assignments in accordance with COSO, COBIT, and ISO auditing standards and related control techniques
- Set priorities, ensuring daily coordination among the project team, and monitor progress against schedules, budgets, project/task deliverables and status reporting
- Plan, review, and provide direction for the work of Staff and Senior Consultants
- Communicate extensively with clients to drive expectations and report on the status of ongoing projects
- Deliver oral and written presentations during and at the conclusion of projects by either recommending improvements or any operational/financial deficiencies to executive leadership
- Stay abreast of emerging risk areas, IT trends, and related control techniques
- Strengthen and maintain a network of industry contacts and establish new long-term relationships
Requirements
- Bachelor's and/or Master’s degree in Accounting, Finance, Management Information Systems, or another relevant field
- Relevant certification preferred, such as CISA, CISSP, CISM, CGEIT, or CIPP; CPA or CIA is also valued but not required
- Minimum 5 years working as IT auditor or IT risk advisor for a public accounting firm, or other operational roles with a focus on information technology compliance
- Demonstrated knowledge of IT risk management, general and application controls, cybersecurity principles, and regulatory frameworks such as SOX, NIST, or ISO
Tech Stack
- Cyber Security
- ERP
Benefits
- Full range of benefits including medical, dental, and vision insurance
- 401(k) with company match
- PTO