Staff Controls Auditor - IT Risk Advisory Services

KSM (Katz, Sapper & Miller)•Indianapolis, IN

About The Position

We’re KSM, one of the top 50 largest independent advisory, tax, and audit firms in the United States. But more than our size, it’s our people and culture that set us apart. We believe great things happen when people are supported, challenged, and given the freedom to do their very best work. That’s why we’ve built a workplace where your career and personal life can thrive together – where you have the flexibility to manage your time, the resources to grow, and a team that genuinely cares about your success. We’ve been employee-owned since 2001, giving every team member a stake in our collective success. This ownership mentality fosters a culture of collaboration, curiosity, and excellence – where new ideas are welcomed, different perspectives are valued, and you’re encouraged to explore what excites you most. Whether you’re expanding your skills, tackling new challenges, or making an impact beyond the office, we provide the resources and support to help you grow in the direction that’s right for you. At KSM, your contributions matter – not just to the firm, but to your colleagues, clients, and the communities we serve across the U.S. If you’re looking for a place where you can do meaningful work, build lasting relationships, and grow in ways that align with what’s most important to you, we’d love to meet you. Position Summary: Participate in multiple attestation and consulting services, especially SOC 1 and SOC 2 attestation engagements, IT and cybersecurity audits and assessments, HITRUST assessments, and other risk services engagements for clients across a variety of industries. Will also be responsible for building relationships with clients, reviewing IT and business policies, and assessing IT and business process risks. The role requires a broad mix of business and technical acumen coupled with polished communication skills and a strong desire to learn.

Requirements

Undergraduate or Master’s Degree in Information Systems, Cybersecurity, Computer Information Systems, Information Technology with a Security or Networking focus or similar background.
Possess understanding of IT and Cybersecurity controls and risk
Strong communications skills, both verbal and written
Driven, great attitude, and a desire to succeed
Demonstrated ability to manage multiple projects/assignments simultaneously with attention to detail
Strong interpretive skills and analytical abilities
Limited travel may be required
Commitment to obtain relevant professional certifications (CISA, CISSP, etc.) with KSM’s support

Nice To Haves

Experience in technical, audit/assurance, or compliance role a plus
Experience in testing or assessment of internal controls a plus

Responsibilities

Obtain in-depth knowledge of client systems, network infrastructure, underlying technologies and security controls within the defined scope of SOC 1 and SOC 2 consulting and attestation engagements.
Examine, understand, assess, and improve business processes, systems and internal control frameworks. Focus will range from assisting clients in the development and implementation of risk management strategies to testing clients’ internal control systems.
Document all testing performed in a clear, concise, and logical manner
Conduct gap analyses and assessments related to multiple information security frameworks; experience with AICPA SOC 1 and SOC 2, HITRUST, NIST, or ISO 27001 is a plus
Participate with a team of professionals and manage client relationships.
Effectively manage time and make sound decisions to accomplish diverse tasks and/or projects
Effectively convey concepts and ideas using both verbal and written communications

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume