RSM
Senior Associate - Technology Risk Consulting
RSM, Philadelphia, Pennsylvania, United States, 19102
Technology Risk Consulting Position
We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM. Responsibilities:
Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools. Develop an understanding of industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL. Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards. Perform technology risk assessments and reviewing, documenting, evaluating control's design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems). Perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services. Performing risk analysis by reviewing the information security policy documents against industry standards/regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization. Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions. Review and complete status documents for client delivery. Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements. Ensure that documentation is compliant with quality standards of the firm. Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management on a daily basis. Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients. Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables. Ensure professional development through ongoing education. Required Qualifications:
Bachelor's Degree with minimum of 2 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks. Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Preferred Qualifications:
Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP). Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint. MS Visio skills to develop process and data flow diagrams. Strong multi-tasking and project management skills. Excellent verbal and written communication.
We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM. Responsibilities:
Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools. Develop an understanding of industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL. Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards. Perform technology risk assessments and reviewing, documenting, evaluating control's design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems). Perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services. Performing risk analysis by reviewing the information security policy documents against industry standards/regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization. Perform first level review of associates work for accuracy, completeness, and well-reasoned conclusions. Review and complete status documents for client delivery. Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements. Ensure that documentation is compliant with quality standards of the firm. Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management on a daily basis. Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients. Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables. Ensure professional development through ongoing education. Required Qualifications:
Bachelor's Degree with minimum of 2 Years of relevant experience in Information Technology/Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, IT Application Controls and ERP Audits. Candidate should have intermediate knowledge of financials, operations and technology and its related risks. Candidate should have good knowledge for SOC 1, SOC 2, ICFR, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL, PCI.) Preferred Qualifications:
Qualified to pursue a job-relevant certification (CISA, CISM, CRISC, CISSP). Strong Data Analytical skills including advanced Excel skills (VLOOKUP's, pivot tables, and basic formulas), Word and PowerPoint. MS Visio skills to develop process and data flow diagrams. Strong multi-tasking and project management skills. Excellent verbal and written communication.