BDO USA
Overview
The Senior Associate, Data Risk & Security (DRS) will be responsible for providing risk consulting and issues resolution to clients in the areas of general IT controls, IT application controls, information technology process improvement, pre and post systems implementations, and IT security, specifically in a banking environment (commercial and/or retail banking). In this role, the Senior Associate, Data Risk & Security participates in all stages of IT internal audits or IT consulting engagements, and provides assistance with planning, field work, engagement wrap-up and report composition, along with providing recommendations to address client risks. Responsibilities
Acts as primary contact for clients regarding basic questions and information Develops and monitors budgets (budget-to-actual) for all assigned engagements Conducts informational interviews, and facilitates meetings with clients during engagement process Obtains information, documents and data from clients to support the completion of analysis and research of client issues Documents and analyzes client processes, risks and controls, with guidance from senior DRS professionals Reviews client contracts and develops contract summaries, including key provisions and financial information based on type of contract Develops initial deliverables and/or solutions to client issues Reassesses risk, and communicates with other professionals and/or client as necessary Assists with management of engagements to ensure engagement metrics are achieved Utilizes research tools, databases and trade publications to understand a client’s industry Develops relationships with client personnel and management Prepares formal and informal presentations for client meetings Partners with leadership to complete research and draft proposals and reports as necessary Implements project plans, and maintains documentation and work papers associated with client engagements Maintains the confidence of all documentation and work papers associated with client engagements Conducts risk assessment of assigned department or functional area in established timelines, while overseeing staff Establishes risk-based IT audit programs and defines scope of review in conjunction with the engagement manager Documents financial reporting cycles or internal audit areas, and identifies key controls Assesses internal control design and operational effectiveness Conducts audit testing of specified areas, and identifies reportable issues and risk dimensions Determines compliance with applicable laws, regulations and audit policies Communicates findings to senior management, and drafts comprehensive audit reports Stays informed of current developments in IT technology, cloud services, IT security, auditing standards, and other emerging issues Other duties as required Supervisory Responsibilities
Supervises the day-to-day workload of Data Risk & Security Associates on assigned engagements, and reviews work products Ensures DRS Associates are trained on relevant audit software and engagement processes Delivers periodic performance feedback and conducts performance evaluations Acts as mentor to DRS Associates as appropriate Education
Bachelor’s degree in Information Technology, Computer Science, Accounting, or Finance, required Experience
Two (2) or more years of experience in internal IT audit, IT audit, consulting, or risk services Experience with IT internal controls, including design and testing of controls Experience with IT Audit and Sarbanes-Oxley, with focus on enterprise risk assessment One (1) or more years of supervisory experience, preferred Experience performing IT security audits and third-party vendor risk assessments, preferred Licenses/Certifications
CISA, CISM, CISSP, or other equivalent certification, preferred Software
Proficient in Microsoft Office Suite (Excel and Word), required Experience auditing ERP applications (e.g., SAP, Oracle), preferred Experience with IT audit applications and research tools, preferred Working knowledge of data visualization and analytics software (Power BI, Alteryx, Tableau, or similar), preferred Other Knowledge, Skills & Abilities
Knowledge of automated business systems, change management controls, and related audit techniques Knowledge of network architectures, operating systems, security methods (firewalls, VPNs, IDS/IPS) Cloud security and third-party vendor risk awareness Disaster recovery and business continuity concepts Strong verbal and written communication skills and the ability to interact with professionals at all levels Ability to multi-task, work independently and in a team, meet deadlines with accuracy Strong analytical and organizational skills and the ability to lead a team Willingness to travel as needed Equal Opportunity
Equal Opportunity Employer, including disability/vets.
#J-18808-Ljbffr
The Senior Associate, Data Risk & Security (DRS) will be responsible for providing risk consulting and issues resolution to clients in the areas of general IT controls, IT application controls, information technology process improvement, pre and post systems implementations, and IT security, specifically in a banking environment (commercial and/or retail banking). In this role, the Senior Associate, Data Risk & Security participates in all stages of IT internal audits or IT consulting engagements, and provides assistance with planning, field work, engagement wrap-up and report composition, along with providing recommendations to address client risks. Responsibilities
Acts as primary contact for clients regarding basic questions and information Develops and monitors budgets (budget-to-actual) for all assigned engagements Conducts informational interviews, and facilitates meetings with clients during engagement process Obtains information, documents and data from clients to support the completion of analysis and research of client issues Documents and analyzes client processes, risks and controls, with guidance from senior DRS professionals Reviews client contracts and develops contract summaries, including key provisions and financial information based on type of contract Develops initial deliverables and/or solutions to client issues Reassesses risk, and communicates with other professionals and/or client as necessary Assists with management of engagements to ensure engagement metrics are achieved Utilizes research tools, databases and trade publications to understand a client’s industry Develops relationships with client personnel and management Prepares formal and informal presentations for client meetings Partners with leadership to complete research and draft proposals and reports as necessary Implements project plans, and maintains documentation and work papers associated with client engagements Maintains the confidence of all documentation and work papers associated with client engagements Conducts risk assessment of assigned department or functional area in established timelines, while overseeing staff Establishes risk-based IT audit programs and defines scope of review in conjunction with the engagement manager Documents financial reporting cycles or internal audit areas, and identifies key controls Assesses internal control design and operational effectiveness Conducts audit testing of specified areas, and identifies reportable issues and risk dimensions Determines compliance with applicable laws, regulations and audit policies Communicates findings to senior management, and drafts comprehensive audit reports Stays informed of current developments in IT technology, cloud services, IT security, auditing standards, and other emerging issues Other duties as required Supervisory Responsibilities
Supervises the day-to-day workload of Data Risk & Security Associates on assigned engagements, and reviews work products Ensures DRS Associates are trained on relevant audit software and engagement processes Delivers periodic performance feedback and conducts performance evaluations Acts as mentor to DRS Associates as appropriate Education
Bachelor’s degree in Information Technology, Computer Science, Accounting, or Finance, required Experience
Two (2) or more years of experience in internal IT audit, IT audit, consulting, or risk services Experience with IT internal controls, including design and testing of controls Experience with IT Audit and Sarbanes-Oxley, with focus on enterprise risk assessment One (1) or more years of supervisory experience, preferred Experience performing IT security audits and third-party vendor risk assessments, preferred Licenses/Certifications
CISA, CISM, CISSP, or other equivalent certification, preferred Software
Proficient in Microsoft Office Suite (Excel and Word), required Experience auditing ERP applications (e.g., SAP, Oracle), preferred Experience with IT audit applications and research tools, preferred Working knowledge of data visualization and analytics software (Power BI, Alteryx, Tableau, or similar), preferred Other Knowledge, Skills & Abilities
Knowledge of automated business systems, change management controls, and related audit techniques Knowledge of network architectures, operating systems, security methods (firewalls, VPNs, IDS/IPS) Cloud security and third-party vendor risk awareness Disaster recovery and business continuity concepts Strong verbal and written communication skills and the ability to interact with professionals at all levels Ability to multi-task, work independently and in a team, meet deadlines with accuracy Strong analytical and organizational skills and the ability to lead a team Willingness to travel as needed Equal Opportunity
Equal Opportunity Employer, including disability/vets.
#J-18808-Ljbffr