IT Senior Associate, Risk Advisory Services

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, Accounting, or Finance, required
• Two (2) or more years of experience within a public accounting firm or industry environment performing internal audit, IT audit, consulting or risk services, required
• Experience with IT internal controls, including design and testing of controls, required
• Experience with IT Audit and Sarbanes Oxley, with a focus in entities wide risk assessment, required
• Proficient in the use of Microsoft Office Suite, specifically Excel and Word, required
• Knowledge of: Automated business systems, program change management controls, input, processing and output controls and related audit techniques
• Knowledge of: Various network architectures and operating systems
• Knowledge of: Network access security methods such as firewalls, proxies, virtual private networks, and IDS/IPS
• Knowledge of: Physical facilities and equipment access controls
• Knowledge of: Cloud security and third-party vendor risks
• Knowledge of: Logical data and application access controls
• Knowledge of: Disaster recovery and business continuity methods
• Solid understanding and capable of planning and coordinating the stages to perform an IT audit
• Knowledge of internal accounting controls, professional standards and regulations and systems
• Strong verbal and written communication skills
• Ability to adapt style and messaging to effectively communicate with professionals at all levels both within the client organization and the Firm
• Ability to successfully multi-task while working independently and within a group environment
• Superior analytical and diagnostic skills
• Capable of working in a demanding, deadline driven environment with a focus on details and accuracy
• Ability to adapt to rapidly changing environments successfully
• Solid organizational skills, especially the ability to meet project deadlines with a focus on details
• Capable of effective managing a team of professionals and delegating work assignments, as needed
• Capacity to build and maintain strong relationships with client personnel
• Ability to travel, as needed

Nice To Haves

• One (1) or more years of supervisory experience, preferred
• Experience performing IT Security audits and third-party vendor risk assessments, preferred
• CISA, CISM, CISSP, or other equivalent certification, preferred
• Experience auditing various mainstream ERP applications (i.e., SAP, Oracle, etc.), preferred
• Experience with various IT audit applications and research tools, preferred
• Working knowledge of data visualization and analytics software such as PowerBI, Alteryx, Tableau or other, preferred

Responsibilities

• Acts as primary contact for clients regarding basic questions and information
• Develops and monitors budgets (budget-to-actual) for all assigned engagements
• Conducts informational interviews, and facilitates meetings with clients during engagement process
• Obtains information, documents and data from clients to support the completion of analysis and research of client issues
• Documents and analyzes client processes, risks and controls, with guidance and direction from senior DRS professionals
• Reviews client contracts and develops contract summaries, including key provisions and financial information based on type of contract
• Develops initial deliverables and/or solutions to client issues
• Reassesses risk, and communicates with other BDO professionals and/or client, as necessary
• Assists with management of engagements to ensure engagement metrics are achieved
• Utilizes research tools, databases and trade publications to develop an understanding of a client’s industry
• Develops relationships with client personnel and management members
• Prepares formal and informal presentations for client meetings
• Partners with RAS leadership to complete research and draft proposals and reports, as necessary
• Implements project plans, and maintains all documentation and work papers associated with client engagements
• Maintains the confidence of all documentation and work papers associated with client engagements
• Conducts risk assessment of assigned department or functional area in established / required timeline, while overseeing staff
• Establishes risk-based IT audit programs
• Determines scope of review in conjunction with the engagement manager
• Documents financial reporting cycles or internal audit area, and identifies key controls
• Assesses internal control design and operational effectiveness
• Conducts audit testing of specified area, and identifies reportable issues and dimension of risk
• Determines compliance with appropriate legislation and/or audit policies and procedures
• Communicates findings to senior management, and drafts comprehensive report of audited area
• Stays abreast of current developments in IT technology, cloud services, IT security breaches, auditing standard updates and other emerging issues which may impact the audit process
• Supervises the day-to-day workload of Data Risk & Security Associates on assigned engagements, and reviews work product
• Ensures DRS Associates are trained on all relevant audit software and engagement processes and procedures
• Delivers periodic performance feedback, and completes performance evaluations for DRS Associates
• Acts as mentor to DRS Associates, as appropriate
• Other duties as required