Assurance Senior Manager, Third Party Attestation

About The Position

Requirements

• Bachelor’s degree in Accounting, Computer Science, Management Information Systems, Business Administration, Managerial Marketing and Entrepreneurship, Finance or Economics, required
• Eight (8) or more years of experience in internal or external audit, required
• Certified Public Accountant (CPA) OR Certified Information Systems Auditor (CISA)
• Proficiency in the use of Microsoft Office Suite, required
• Advanced understanding and experience planning and coordinating the stages to perform technology-focused audits and assessments
• Knowledge of internal controls, security, privacy, audit and control frameworks (e.g. SOC 2, ISO 27001, NIST 800-53), and relevant professional standards and regulations
• Knowledge of cloud infrastructure management, DevOps and CI/CD, system access management, vulnerability management, and encryption systems management
• Knowledge of data analytics and emerging technologies
• Strong verbal and written communication skills with the ability to adapt style and messaging to effectively communicate with professionals at all levels both within the client organization and the firm
• Ability to successfully multi-task while working independently and within a group environment
• Solid analytical and diagnostic skills and ability to break down complex issues and implementing appropriate resolutions
• Able to work in a demanding, deadline driven environment with a focus on details and accuracy
• Solid project management skills
• Ability to travel as necessary
• Ability to successfully interact with professionals at all levels

Nice To Haves

• Master’s degree in Accounting or Information Systems or other relevant advanced degree, preferred
• More than Five (5) years of prior supervisory experience, preferred
• Experience performing internal control reviews, preferred
• Experience performing MRC, SOC, WebTrust, ISO 27001 and security/privacy advisory engagements, preferred
• Experience with digital advertising and media tech stacks (ad servers, SDKs, DSP/SSP/exchanges, MMPs, CDP/DMP, SSAI), and how signals flow through the ecosystem, preferred
• Prior experience with cloud technology platforms and tools, security and operational IT controls, PKI and encryption technology, preferred
• Proficiency with data analysis over large datasets and interpreting log-level telemetry, preferred
• Passion for developing and mentoring a growing team and helping to drive business growth

Responsibilities

• Applies advanced knowledge and understanding of the collective effect of various factors on establishing or enhancing effectiveness, or mitigating the risks, of specific policies and procedures by: o Identifying and considering all applicable policies, laws, rules, and regulations of the firm, regulators, or other authoritative bodies as part of engagement team o Identifying and making constructive suggestions to improve client internal controls o Ensuring proper documention of the clients’ internal control system o Esuring proper documention of the clients’ business and IT processes and controls and tests key controls in a variety of industries o Supervising the work of the audit team and review workpapers and conclusions preferably onsite during audit field work o Identifying and delegating functions of the audit to the auditor in charge as deemed appropriate o Providing on-the-job-training to the engagement team during field work o Identifying and prioritizing key risks, and assesses their impact and likeliness of occurrence o Communicating to the client areas to improve processes, strengthen controls, mitigate risks, and/or increase efficiency o Developing and maintaining relationships with client personnel and management o Ensuring technology is appropriately integrated into the examination process o Developing and applying an advanced knowledge of MRC’s Minimum Standards and other relevant industry criteria (e.g., IAB, POCMA, TAG), and incorporates them into risk assessment and control evaluation, as applicable
• Applies advanced knowledge and understanding of professional standards; application of the principles contained in professional standards; and the ability to document and communicate an understanding and application of professional standards on an engagement by: o Developing and applying an advanced knowledge of auditing theory, a sense of audit skepticism, and the use of BDO audit manuals o Applying auditing theory to various client situations o Identifying complex issues, including deviations, and forming a resolution, seeking the counsel of BDO technical experts as needed o Applying knowledge to identify instances where testing may be reduced or expanded and providing counsel to the members of the audit team o Developing and applying an advanced knowledge of AT-C 105/205 tailored to non-financial metrics and providing counsel to the members of the audit team
• Applies advanced knowledge and understanding of governing principles; applying these principles to client transactions; and documenting and communicating an understanding and application of these principles by: o Planning and executing attestation examinations including obtaining an understanding of the control environment, designing test plans, evaluating deficiencies and assessing the overall financial reporting control environment o Planning and executing readiness assessments and roadmaps, including gap analyses against relevant criteria o Reading and reviewing clients’ reports, ensuring accuracy and completeness, and also ensuring that all supporting information is documented in the workpapers and through appropriate testing o Preparing required communications to the client and the Audit Committee, as applicable; o Recognizing and applying new pronouncements to client situations o Identifying, analyzing and discussing alternative principles with the Manager, Senior Manager and engagement partner and the client, as needed o Identifying complex issues and brings them to the attention of superiors for resolution o Coaching less experienced team members in new areas
• Applies advanced knowledge and application of BDO standards to guide effective and efficient delivery of quality services and products by: o Conducting detailed reviews to assure audits are completed in accordance with assurance manual standards o Preparing or reviewing required communications to management and audit committees, ensuring timeliness and completeness o Recommending appropriate outcomes to critical issues o Initiating and preparing client acceptance/retention procedures where appropriate o Pl aning the audit process and overseeing the execution of procedures with quality, efficiency, and completeness despite pressures of deadlines o Executing proper BDO methodology including but not limited to proper archiving procedures o Leading the design, documentation, and continuous improvement of a BDO audit methodology as it relates to relevant industry criteria (e.g., MRC, IAB, POCMA, TAG standards and guidelines); defines procedure libraries, evidence expectations, data requirements, re‑performance techniques (e.g., log‑level analyses, instrumentation testing, code/logic walkthroughs), and calibrates materiality/sampling
• Applies methodology used to seek or maintain information from authoritative sources and to draw conclusions regarding a target issue based on the information by: o Applying advanced knowledge of all appropriate research tools and drawing conclusions based upon appropriate research o Preparing memos supporting research/conclusions and consulting with others if appropriate o Presenting issues to RTD or concurring reviewer effectively and accurately o Monitors and disseminates updates to industry standards and related industry specifications (e.g., MRC standards and guidelines, IAB Tech Lab standards such as VAST, Open Measurement SDK, ads.txt/sellers.json) and evaluates audit implications o Advises clients on industry changes that affect measurement (e.g., third party cookie deprecation, IP anonymization, app tracking transparency, evolving IVT tactics) and the corresponding audit implications o Evaluates novel client methodologies (e.g., ML-based IVT detection, cross-media deduplication) and their audit implications o Represents BDO on relevant industry associations and working groups (e.g., MRC standard setting working groups)
• Other duties as required
• Setting the tone for teamwork by supporting others in their work and delivering on commitments made to the team members and clients
• Supervising of managers, senior associates, and associates on all projects
• Reviewing work prepared by managers, senior associates, and associates and provide review comments
• Acting as a Career Advisor to senior associates and associates
• Scheduling and managing workload of senior associates and associates
• Providing verbal and written performance feedback to senior associates and associates
• Teach/coach managers, senior associates and associates to provide on the job learning