IT Senior Associate, Risk Advisory Services

IT Senior Associate, Risk Advisory Services

1 day ago Be among the first 25 applicants

The Senior Associate, Data Risk & Security (DRS) will be responsible for providing risk consulting and issue resolution to clients in the areas of general IT controls, IT application controls, information technology process improvement, pre and post systems implementations, and IT security, specifically in a banking environment (commercial and/or retail banking). In this role, the Senior Associate, Data Risk & Security participates in all stages of IT internal audits or IT consulting engagements, and provides assistance with planning, field work, engagement wrap-up and report composition, along with providing recommendations to address client risks.

• Acts as primary contact for clients regarding basic questions and information
• Develops and monitors budgets (budget-to-actual) for all assigned engagements
• Conducts informational interviews, and facilitates meetings with clients during engagement process
• Obtains information, documents and data from clients to support the completion of analysis and research of client issues
• Documents and analyzes client processes, risks and controls, with guidance and direction from senior DRS professionals
• Reviews client contracts and develops contract summaries, including key provisions and financial information based on type of contract
• Develops initial deliverables and/or solutions to client issues
• Reassesses risk, and communicates with other BDO professionals and/or client, as necessary
• Assists with management of engagements to ensure engagement metrics are achieved
• Utilizes research tools, databases and trade publications to develop an understanding of a client’s industry
• Develops relationships with client personnel and management members
• Prepares formal and informal presentations for client meetings
• Partners with RAS leadership to complete research and draft proposals and reports, as necessary
• Implements project plans, and maintains all documentation and work papers associated with client engagements
• Maintains the confidence of all documentation and work papers associated with client engagements
• Conducts risk assessment of assigned department or functional area in established / required timeline, while overseeing staff
• Establishes risk‑based IT audit programs
• Determines scope of review in conjunction with the engagement manager
• Documents financial reporting cycles or internal audit area, and identifies key controls
• Assesses internal control design and operational effectiveness
• Conducts audit testing of specified area, and identifies reportable issues and dimension of risk
• Determines compliance with appropriate legislation and/or audit policies and procedures
• Communicates findings to senior management, and drafts comprehensive report of audited area
• Stays abreast of current developments in IT technology, cloud services, IT security breaches, audit standard updates and other emerging issues which may impact the audit process
• Other duties as required

• Supervises the day‑to‑day workload of Data Risk & Security Associates on assigned engagements, and reviews work product
• Ensures DRS Associates are trained on all relevant audit software and engagement processes and procedures
• Delivers periodic performance feedback, and completes performance evaluations for DRS Associates
• Acts as mentor to DRS Associates, as appropriate

• Bachelor’s degree in Information Technology, Computer Science, Accounting, or Finance, required

• Bachelor’s degree in Information Technology, Computer Science, Accounting, or Finance, required

• Two (2) or more years of experience within a public accounting firm or industry environment performing internal audit, IT audit, consulting or risk services, required
• Experience with IT internal controls, including design and testing of controls, required
• Experience with IT Audit and Sarbanes Oxley, with a focus in entities wide risk assessment, required
• One (1) or more years of supervisory experience, preferred
• Experience performing IT Security audits and third‑party vendor risk assessments, preferred