Director – Technology Risk Consulting, IT Audit

Role Overview

• Consulting with client leadership on the design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies
• Consulting with client leadership on strategic plans and other business matters, helping our clients to anticipate emerging risks and information technology opportunities
• Overseeing the quality and timeliness of engagement teams efforts to identify internal IT controls, assess their design and operational effectiveness, determine risk exposures and to develop client recommendations and reports
• Supporting external financial statement, SOX compliance, and Internal Audit/SOX engagements for application and information technology general computer controls as a leader of integrated external and internal audit teams with IT general controls, IT operational risks, and IT risk management processes (including controls)
• Supporting external financial statement, SOX compliance, and Internal Audit/SOX engagements evaluating and testing application controls, particularly automated controls on a wide range of ERP systems and software applications across a wide variety of client business processes
• Leading client engagements pertaining to SOC attestation and other third-party opinion services
• Leading consulting and audit engagements pertaining to cybersecurity risk management
• Leverage your existing network and personal brand in the marketplace to drive growth for the risk consulting practice; including: identifying, proposing on, and securing new opportunities
• Oversee a diverse book of business, maintaining overall responsibility for the profitability, effective delivery and engagement risk of all client related work within the portfolio
• Manage multiple client projects simultaneously, while providing leadership on proposal opportunities and ongoing internal initiatives
• Recruit and retain future leaders of the firm. Leverage your experience and expertise to advance the professional aspirations and skills of your colleagues, our managers, and our risk consulting services staff.

Requirements

• Bachelor’s or master’s degree in business, accounting, MIS, computer science, or related a discipline
• Ten years of experience working in the field of information technology risk management, internal audit, and/or public accounting and consulting, with a minimum of 8 years at a public accounting or professional services firm
• Experience leading engagements and leading managers and staff
• Experience managing project financials and managing projects to completion within agreed upon fees and budgets
• Strong understanding of information technology controls and security experience in widely used financial applications and ERP systems (such as SAP, Oracle, JD Edwards, PeopleSoft, or others)
• Executive command and complete understanding of relevant regulations and industry standards (e.g., SOX, AICPA SOC Reporting Standards, COSO, COBIT, FFIEC, ITIL, ISO27001, PCI, HIPAA and GLBA) and best practices and methodologies to address these requirements
• Professional certification(s) such as Certified Public Accountant (CPA), Certified Information Systems Auditor® (CISA®), Certified Information Systems Security Professionals® (CISSP®); Certified Information Security Manager® (CISM®) and/or Certified Information Privacy Professional (CIPP)
• Recent successful experience in cultivating new business and related market-facing activities
• Exceptional interpersonal skills
• Advanced written, verbal and presentation skills, including interaction with members of senior management
• Ability to travel to meet client needs (estimated to be in a range from 10% to 30%)

Tech Stack

• Cyber Security
• ERP
• Oracle

Benefits

• Competitive benefits and compensation package
• Flexibility in your schedule
• Professional development opportunities
• Discretionary bonus based on firm and individual performance