Senior Manager - ICFR

About The Position

Requirements

• Experience within audit practice auditing clients in the Financial Services industry including a strong understanding of business processes associated with banks and capital market entities in Canada.
• Operational experience with Canadian or US regulations for technology risk, e.g. OSFI B13, E21, etc.
• At least 8+ years of relevant experience in assessing information technology or business process risk ideally within a large consulting practice.
• Strong understanding and experience with IT General Controls and controls is preferred.
• Experience with addressing regulatory control issues.
• Bachelor’s degree in Business or Computer Science degree required, ideally with a major in accounting.
• Excellent communication skills being able to express insights, both written and orally.
• Demonstrated ability to learn and succeed in a fast-paced environment.
• Attention to detail and strong organization and analytical skills.
• Strong understanding of business risks and audit risks.

Nice To Haves

• Completion of one or a combination of the following designations CPA, CISA, CISSP, CRISC is an asset.

Responsibilities

• Conducting external or internal IT audits, performing Tests of Design and Tests of Operating Effectiveness with a strong focus on IT General Controls
• Supporting on SOX readiness and control design, working with internal stakeholder to identify, design and implement IT controls
• Conducting assessments of IT risks and controls in support of internal and external audit and advisory engagements, related to for instance: Internal controls over financial reporting IT risk and maturity assessment IT projects and system implementations. Access Management IT governance reviews IT Third party risk management. Business continuity and disaster recovery Cloud security Data governance assessments and reviews ERP controls and security Responsible AI and governance
• Managing engagements end-to-end, overseeing teams and managing clients.
• Developing risk and control matrices and reviewing procedures.
• Engagement risk management: quality assurance through file review, engagement planning, development and monitoring, engagement profitability
• Simultaneously deliver multiple client engagements of varying size, scope and complexity.
• Business development: taking an active role in the business community to increase awareness of the firm's services and level of commitment to the local market, developing and maturing relationships with internal staff and clients, developing proposals, identifying and pursuing opportunities to increase the practice's penetration in the public and private sector.
• Service Delivery: conducting research, performing technical testing, writing reports, conducting interviews and communicating regularly with clients and resources.
• Leading field engagement teams as well as coaching and mentoring junior staff members.