BDO USA, LLP
IT Senior Associate, Risk Advisory Services
BDO USA, LLP, Chicago, Illinois, United States, 60290
Job Summary
The Senior Associate, Data Risk & Security (DRS) will be responsible for providing risk consulting and issues resolution to clients in the areas of general IT controls, IT application controls, information technology process improvement, pre and post systems implementations, and IT security, specifically in a banking environment (commercial and/or retail banking). In this role, the Senior Associate, Data Risk & Security participates in all stages of IT internal audits or IT consulting engagements, and provides assistance with planning, field work, engagement wrap-up and report composition, along with providing recommendations to address client risks.
Job Duties Acts as primary contact for clients regarding basic questions and information
Develops and monitors budgets (budget-to-actual) for all assigned engagements
Conducts informational interviews, and facilitates meetings with clients during engagement process
Obtains information, documents and data from clients to support the completion of analysis and research of client issues
Documents and analyzes client processes, risks and controls, with guidance and direction from senior DRS professionals
Reviews client contracts and develops contract summaries, including key provisions and financial information based on type of contract
Develops initial deliverables and/or solutions to client issues
Reassesses risk, and communicates with other BDO professionals and/or client, as necessary
Assists with management of engagements to ensure engagement metrics are achieved
Utilizes research tools, databases and trade publications to develop an understanding of a client\'s industry
Develops relationships with client personnel and management members
Prepares formal and informal presentations for client meetings
Partners with RAS leadership to complete research and draft proposals and reports, as necessary
Implements project plans, and maintains all documentation and work papers associated with client engagements
Maintains the confidence of all documentation and work papers associated with client engagements
Conducts risk assessment of assigned department or functional area in established / required timeline, while overseeing staff
Establishes risk-based IT audit programs
Determines scope of review in conjunction with the engagement manager
Documents financial reporting cycles or internal audit area, and identifies key controls
Assesses internal control design and operational effectiveness
Conducts audit testing of specified area, and identifies reportable issues and dimension of risk
Determines compliance with appropriate legislation and/or audit policies and procedures
Communicates findings to senior management, and drafts comprehensive report of audited area
Stays abreast of current developments in IT technology, cloud services, IT security breaches, auditing standard updates and other emerging issues which may impact the audit process
Other duties as required
Supervisory Responsibilities Supervises the day-to-day workload of Data Risk & Security Associates on assigned engagements, and reviews work product
Ensures DRS Associates are trained on all relevant audit software and engagement processes and procedures
Delivers periodic performance feedback, and completes performance evaluations for DRS Associates
Acts as mentor to DRS Associates, as appropriate
Qualifications, Knowledge, Skills and Abilities Education Bachelor's degree in Information Technology, Computer Science, Accounting, or Finance, required
Experience Two (2) or more years of experience within a public accounting firm or industry environment performing internal audit, IT audit, consulting or risk services, required
Experience with IT internal controls, including design and testing of controls, required
Experience with IT Audit and Sarbanes Oxley, with a focus in entities wide risk assessment, required
One (1) or more years of supervisory experience, preferred
Experience performing IT Security audits and third-party vendor risk assessments, preferred
License/Certifications CISA, CISM, CISSP, or other equivalent certification, preferred
Software Proficient in the use of Microsoft Office Suite, specifically Excel and Word, required
Experience auditing various mainstream ERP applications (i.e., SAP, Oracle, etc.), preferred
Experience with various IT audit applications and research tools, preferred
Working knowledge of data visualization and analytics software such as PowerBI, Alteryx, Tableau or other, preferred
Other Knowledge, Skills & Abilities Knowledge of:
Automated business systems, program change management controls, input, processing and output controls and related audit techniques
Various network architectures and operating systems
Network access security methods such as firewalls, proxies, virtual private networks, and IDS/IPS
Physical facilities and equipment access controls
Cloud security and third-party vendor risks
Logical data and application access controls
Disaster recovery and business continuity methods
Solid understanding and capable of planning and coordinating the stages to perform an IT audit
Knowledge of internal accounting controls, professional standards and regulations and systems
Strong verbal and written communication skills
Ability to adapt style and messaging to effectively communicate with professionals at all levels both within the client organization and the Firm
Ability to successfully multi-task while working independently and within a group environment
Superior analytical and diagnostic skills
Capable of working in a demanding, deadline driven environment with a focus on details and accuracy
Ability to adapt to rapidly changing environments successfully
Solid organizational skills, especially the ability to meet project deadlines with a focus on details
Capable of effective managing a team of professionals and delegating work assignments, as needed
Capacity to build and maintain strong relationships with client personnel
Ability to travel, as needed
Additional Information
Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate's qualifications, experience, skills, and geography.
California Range: $85,000 - $100,000
Colorado Range: $85,000 - $100,000
Illinois Range: $85,000 - $100,000
Maryland Range: $85,000 - $100,000
Minnesota Range: $85,000 - $100,000
NYC/Long Island/Westchester Range: $85,000 - $100,000
Washington Range: $85,000 - $100,000
Washington DC Range: $85,000 - $100,000
#J-18808-Ljbffr
The Senior Associate, Data Risk & Security (DRS) will be responsible for providing risk consulting and issues resolution to clients in the areas of general IT controls, IT application controls, information technology process improvement, pre and post systems implementations, and IT security, specifically in a banking environment (commercial and/or retail banking). In this role, the Senior Associate, Data Risk & Security participates in all stages of IT internal audits or IT consulting engagements, and provides assistance with planning, field work, engagement wrap-up and report composition, along with providing recommendations to address client risks.
Job Duties Acts as primary contact for clients regarding basic questions and information
Develops and monitors budgets (budget-to-actual) for all assigned engagements
Conducts informational interviews, and facilitates meetings with clients during engagement process
Obtains information, documents and data from clients to support the completion of analysis and research of client issues
Documents and analyzes client processes, risks and controls, with guidance and direction from senior DRS professionals
Reviews client contracts and develops contract summaries, including key provisions and financial information based on type of contract
Develops initial deliverables and/or solutions to client issues
Reassesses risk, and communicates with other BDO professionals and/or client, as necessary
Assists with management of engagements to ensure engagement metrics are achieved
Utilizes research tools, databases and trade publications to develop an understanding of a client\'s industry
Develops relationships with client personnel and management members
Prepares formal and informal presentations for client meetings
Partners with RAS leadership to complete research and draft proposals and reports, as necessary
Implements project plans, and maintains all documentation and work papers associated with client engagements
Maintains the confidence of all documentation and work papers associated with client engagements
Conducts risk assessment of assigned department or functional area in established / required timeline, while overseeing staff
Establishes risk-based IT audit programs
Determines scope of review in conjunction with the engagement manager
Documents financial reporting cycles or internal audit area, and identifies key controls
Assesses internal control design and operational effectiveness
Conducts audit testing of specified area, and identifies reportable issues and dimension of risk
Determines compliance with appropriate legislation and/or audit policies and procedures
Communicates findings to senior management, and drafts comprehensive report of audited area
Stays abreast of current developments in IT technology, cloud services, IT security breaches, auditing standard updates and other emerging issues which may impact the audit process
Other duties as required
Supervisory Responsibilities Supervises the day-to-day workload of Data Risk & Security Associates on assigned engagements, and reviews work product
Ensures DRS Associates are trained on all relevant audit software and engagement processes and procedures
Delivers periodic performance feedback, and completes performance evaluations for DRS Associates
Acts as mentor to DRS Associates, as appropriate
Qualifications, Knowledge, Skills and Abilities Education Bachelor's degree in Information Technology, Computer Science, Accounting, or Finance, required
Experience Two (2) or more years of experience within a public accounting firm or industry environment performing internal audit, IT audit, consulting or risk services, required
Experience with IT internal controls, including design and testing of controls, required
Experience with IT Audit and Sarbanes Oxley, with a focus in entities wide risk assessment, required
One (1) or more years of supervisory experience, preferred
Experience performing IT Security audits and third-party vendor risk assessments, preferred
License/Certifications CISA, CISM, CISSP, or other equivalent certification, preferred
Software Proficient in the use of Microsoft Office Suite, specifically Excel and Word, required
Experience auditing various mainstream ERP applications (i.e., SAP, Oracle, etc.), preferred
Experience with various IT audit applications and research tools, preferred
Working knowledge of data visualization and analytics software such as PowerBI, Alteryx, Tableau or other, preferred
Other Knowledge, Skills & Abilities Knowledge of:
Automated business systems, program change management controls, input, processing and output controls and related audit techniques
Various network architectures and operating systems
Network access security methods such as firewalls, proxies, virtual private networks, and IDS/IPS
Physical facilities and equipment access controls
Cloud security and third-party vendor risks
Logical data and application access controls
Disaster recovery and business continuity methods
Solid understanding and capable of planning and coordinating the stages to perform an IT audit
Knowledge of internal accounting controls, professional standards and regulations and systems
Strong verbal and written communication skills
Ability to adapt style and messaging to effectively communicate with professionals at all levels both within the client organization and the Firm
Ability to successfully multi-task while working independently and within a group environment
Superior analytical and diagnostic skills
Capable of working in a demanding, deadline driven environment with a focus on details and accuracy
Ability to adapt to rapidly changing environments successfully
Solid organizational skills, especially the ability to meet project deadlines with a focus on details
Capable of effective managing a team of professionals and delegating work assignments, as needed
Capacity to build and maintain strong relationships with client personnel
Ability to travel, as needed
Additional Information
Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate's qualifications, experience, skills, and geography.
California Range: $85,000 - $100,000
Colorado Range: $85,000 - $100,000
Illinois Range: $85,000 - $100,000
Maryland Range: $85,000 - $100,000
Minnesota Range: $85,000 - $100,000
NYC/Long Island/Westchester Range: $85,000 - $100,000
Washington Range: $85,000 - $100,000
Washington DC Range: $85,000 - $100,000
#J-18808-Ljbffr