Senior Associate, IT Audit - Technology Risk Consulting

* Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools
* Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL
* Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards
* Perform technology risk assessments and reviewing, documenting, evaluating control’s design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems)
* Perform external audit assurance activities, and perform service organization control services activities related to SSAE
18 SOC 1 and SOC 2 reporting services
* Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions
* Review and complete status documents for client delivery
* Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements
* Ensure that documentation is compliant with quality standards of the firm
* Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management on a daily basis
* Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients
* Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables
*
* Required Qualifications:

**** Responsibilities:
** The Technology Risk Consulting Senior Associate will be an integral team member by assisting with planning engagements, conducting fieldwork, discussing findings and observations during client exit meetings, preparing work papers to support conclusions, reviewing staff work papers, and preparing written attestation reports. The candidate should have a strong knowledge-level of financial, operational, and/or information technology, internal controls, identifying risks and related controls, as well as performing test work of identified significant controls.

The candidate should also be capable of conducting audit and attestation engagements independently and in-charging an engagement team. Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients

Ensure professional development through ongoing education
* Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits.
*
* Preferred Qualifications:

*** Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP)
* Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and Power Point
* MS Visio skills to develop process and data flow diagrams
* Strong multi-tasking and project management skills
* Excellent verbal and written communication

Bachelor’s or Master’s Degree in business, management information systems, computer and information science, accounting or related discipline with minimum of 2-4 Years of relevant experience in Information Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.)
#J-18808-Ljbffr