Manager – IT Risk Advisory

This is a fully remote position, open to applicants in India.

📋 Description

• Develop a comprehensive understanding of assigned clients’ business goals, IT infrastructure, and relevant regulatory and risk management frameworks.

• Spearhead projects concerning IT General Controls (ITGC) assessments, Sarbanes-Oxley (SOX) IT compliance, ERP/application control evaluations, and cybersecurity risk assessments.

• Utilize expertise in industry-specific systems, applications, and infrastructure to pinpoint technology risks and assess their implications on business and financial reporting.

• Evaluate the design and operational effectiveness of IT controls pertaining to access management, change management, system operations, and data integrity.

• Collect and analyze system-generated data, configurations, and logs to assess control environments and identify deficiencies.

• Exhibit proficiency in creating IT control process flows, risk/control matrices, and testing strategies for both general and automated application controls.

• Uphold the necessary technical competency and professional diligence required for assignment completion in alignment with COSO, COBIT, and ISO auditing standards and related control methodologies.

• Establish priorities, ensuring daily collaboration among the project team, while tracking progress against schedules, budgets, project/task deliverables, and status updates.

• Plan, review, and guide the work of Staff and Senior Consultants.

• Engage in extensive communication with clients to manage expectations and provide updates on the status of ongoing projects.

• Present both orally and in writing during and after projects, recommending enhancements or addressing any operational or financial shortcomings to executive leadership.

• Keep informed on emerging risk areas, IT advancements, and associated control techniques.

• Cultivate and sustain a network of industry connections while forging new long-term relationships.

⛳️ Requirements

• Bachelor’s and/or Master’s degree in Accounting, Finance, Management Information Systems, or a related field.

• Relevant certifications are preferred, such as CISA, CISSP, CISM, CGEIT, or CIPP; CPA or CIA is also appreciated but not mandatory.

• At least 5 years of experience as an IT auditor or IT risk advisor in a public accounting firm or other operational roles focused on information technology compliance.

• Proven knowledge of IT risk management, general and application controls, cybersecurity principles, and regulatory frameworks such as SOX, NIST, or ISO.

🏝️ Benefits

• Comprehensive benefits package including medical, dental, and vision insurance.

• 401(k) plan with company matching.

• Paid Time Off (PTO).