Our IT Assurance practice is a leader in providing trust and transparency solutions for its clients in a wide variety of industries. As a Senior IT Audit Consultant, you’ll work closely with team members and clients using cutting edge technologies such as cloud-native environments, Artificial Intelligence, and SaaS solutions to help our clients solve complex issues and mitigate risk. This role is a great opportunity for anyone passionate about information technology, and who is looking to step into a highly visible role with a diverse set of clients across the US. 

A role at LBMC will help you acquire the diverse skills, exceptional coaching, and unique experiences you need to accelerate your career. We pride ourselves on our exceptional retention rates, employee satisfaction scores, and promotion-from-within mentality. As a remote or local employee, you would be joining a progressive office in Nashville, and receive mentorship from innovative team members and industry experts. Fully remote work may be available to qualified candidates, but travel will be required as requested by clients.

LBMC Senior IT Audit Consultant team members will typically be assigned to rotating client accounts and complete IT Audit projects based on client needs and stakeholder timelines, so this is a great opportunity for anyone looking to work in a fast-paced environment where no two weeks are the same. High-performing candidates have a clearly defined path for advancement to upper-level management and Shareholder roles within LBMC. This role is specifically allocated for our growing HITRUST practice, meaning 90% of work would be related to HITRUST engagements.

SCOPE OF WORK 

As a Senior IT Audit consultant, you’d be part of a team directly helping our clients solve complex issues:

• Conducts risk-based assessments under the HITRUST frameworks

• Assists with ad-hoc IT Assurance engagements related to SOC1, SOC2, HIPAA, and HITRUST

• Possesses a strong understanding of healthcare operations and industry, including working with the HIPAA Security and Privacy Rules, SOC, and HITRUST frameworks

• Performs HITRUST and SOC IT control testing in accordance with defined testing plans

• Documents testing in an effective way that thoroughly explains the procedures performed as well as the related results

• Takes responsibility for seeing an assigned job all the way to its ultimate delivery to the client by the agreed due date

• Trains and develops staff the technical skills of Staff and Intern IT Auditors, reviewing work and providing constructive feedback for improvement. Serves as the primary contact for Staff and Intern team members to assist in assigning and reviewing work

• Continues to develop technical skills and stay on top of the latest industry trends related to IT auditing, information security, and consulting, with a specific focus on honing HITRUST CSF training and SOC 2 reporting

• Joins committees and/or volunteers for leadership roles within community/civic organizations for which he/she is a member

• Works diligently building relationships with key stakeholders at client organizations to continue to foster a long-term partnership between the LBMC Audit Department and external clients. High-performing individuals will be alert to client needs for the possible expansion of services to other LBMC service lines

• Adheres to LBMC’s defined processes and procedures including the firm's policy on privacy and client confidentiality. Knows and follows the rules, regulations, and the Code of Professional Conduct of the AICPA, the Tennessee Society of CPAs, the Tennessee Board of Public Accountancy, and other regulating bodies as appropriate

IDEAL CANDIDATE PROFILE

• Bachelor's Degree 

• 3 years of IT Audit and/or security risk assessment experience with progressive work responsibilities 

• Understanding of SOX, FISMA, SSAE 16, SOC1, SOC2, and/or ISO reporting experience is preferred, HITRUST work is required

• CPA, CIA, CISA, CISSP, CCSFP or other related certifications highly preferred 

• Ability to travel to client sites as required by clients
• This position may sit fully remote but qualified candidates will have the flexibility to travel to the office and client sites as needed