IT Manager, Risk Advisory Services

The Manager, Data Risk & Security (DRS) will be responsible for supervising a team of RAS professionals in the review, documentation, evaluation and testing of general controls in a wide range of technology environments to analyze system security and access controls, backup recovery procedures and IS organization and administration practices. Additionally, the role will be charged with managing all aspects of an IT internal audit, IT SOX or consulting engagement to include planning, field work, engagement wrap up and report composition, along with providing recommendations regarding client risks. The Manager, Data Risk & Security will also be responsible for providing suggestions to improve the IT internal controls and procedures of assigned clients.

Job Duties:

• Documents and tests application and automated controls on a wide range of software application packages


• Prepares audit reports and recommendations associated with audit work performed


• Identifies opportunities to utilize automation and AI and manages the implementation of those techniques, as appropriate


• Participates in the review of IT internal controls based on Sarbanes-Oxley Act requirements


• Communicates to the client areas to strengthen controls, mitigate risks and/or increase efficiency


• Identifies key technology and data risks and assesses their impact and likeliness of occurrence


• Establishes engagement budget, makes pricing scope changes and prepares billings


• Utilizes research tools, databases and trade publications to develop understanding of client's industry


• Manages SAP controls


• Prepares formal and informal presentations for client meetings


• Participates in marketing and business development activities within practice


• Completes research and draft proposals and reports


• Recognizes technical concerns or issues and communicates those concerns with internal and client management


• Plans and executes the audit work on assigned engagements


• Recognizes and validates relevant technical issues and brings them to the attention of client management


• Reviews the work product of staff


• Ensures technology is appropriately integrated into the audit process


• Acts as primary client contact for all questions and issues


• Communicates suggested improvements to processes, controls and risk management capabilities to client management and audit committees


• Analyzes the client's processes, risk and controls


• Develops and maintains relationships with client personnel and management


• Documents controls, tests performed and results


• Supervises the day-to-day workload of DRS Senior Associates and Associates on assigned engagements and reviews work product


• Ensures DRS Senior Associates and Associates are trained on all relevant software


• Evaluates the performance of DRS Senior Associates and Associates and assists in the development of goals and objectives to enhance professional development


• Delivers periodic performance feedback and completes performance evaluations for DRS Senior Associates and Associates


• Acts as mentor to DRS Senior Associates and Associates, as appropriate


• May act as a Career Advisor to Associates or Senior Associates

Required Qualifications:

• Bachelor's degree in Accounting, Finance, Management Information Systems, or Business Intelligence, required


• Certificate of Internal Auditor ("CIA"), Certified Information System Auditor ("CISA"), Certified Information Systems Security Professional (CISSP), or equivalent certifications, required


• Six (6) or more years of experience within a public accounting firm or Fortunate 1000 company performing IT Sarbanes-Oxley, IT internal audit, consulting or risk services as a Technology Subject Matter Expert, required


• Two (2) or more years of supervisory experience, required


• Exposure to industry software such as SAP application software packages


• Prior experience performing systems audits and audits of application controls, required


• Prior experience with IT internal controls including flowcharts, documentation and testing of controls, required


• Prior experience conducting IT audit planning, developing audit programs, performing testing and preparing work papers, required


• Experience in the use of various assurance applications and research tools as is appropriate for this level, required

Preferred Qualifications: