IT Risk Senior Associate
Description:
Description
As an IT Risk Senior Associate, you will get the opportunity to grow and contribute to our clients' business needs by helping them understand their business risks and assist in addressing risk in both proactive and responsive contexts for the Risk, Compliance & Controls Practice – all with the resources, environment, and support to help you excel. You’ll collaborate with teams to execute and report on risk management, internal control and internal audit engagements that develop, assess, or improve the design and operating effectiveness of IT risk management and internal control activities.
From day one, you’ll be empowered by the greater Risk team to help clients make the moves that will help them achieve their vision and help you achieve more, confidently.
Your day-to-day may include:
Actively participate in client engagements from start to completion, with a focus on executing and reporting on assigned project tasks that include co-sourced and outsourced IT internal audit, IT internal control assessments, IT risk management program assessments, tests of IT control design and operating effectiveness for Sarbanes-Oxley (SOX) and other compliance requirements, and helping clients design and implement IT controls
Obtain an understanding of clients’ industry, objectives, strategy, operations, processes, IT systems, and controls
Execute IT control design and operating effectiveness test procedures based on engagement scope, and client environment risk factors
Bring an innovative and analytical mindset to help our clients solve business issues and enable more efficient project execution
Work with the project team and client to deliver services in accordance with project leadership and client expectations
Work collaboratively with colleagues across Advisory Business Lines (ABLs) and with other Grant Thornton Service Lines (e.g., Audit Services and Tax Services)
Meet or exceed defined performance metrics
Other duties as assigned
You have the following technical skills and qualifications:
Bachelor’s degree in Accounting, Finance, Information Technology, MIS, or a related field is required
Minimum 2 years of related work experience with a professional services firm, or part of an internal audit function
CISA, CISSP, CISM, CPA license/certification preferred
Understanding of IT risk management and cybersecurity risk management standards (COBIT, NIST CSF, etc.)
Experience in assessing the design and operating effectiveness of IT risk management and IT controls (IT general controls, application controls, etc.) for Internal Audit, SOX compliance, or other risk management activities
Experience assessing configuration and controls of ERP systems (SAP, Oracle, PeopleSoft, JD Edwards) a plus
Experience assessing configuration and controls of SAP ECC, S/4 HANA, etc. (BASIS and security administration, process controls, etc.) a plus
Strong understanding of IT general controls, and current focus areas of external financial statement auditors
Experience assessing GRC and Identity and Access Management (IAM) solutions a plus
Experience assessing at least one (preferably multiple) operating system (OS/400, Windows, UNIX, etc.), database system (Oracle, SQL, etc.), and IT infrastructure / network component (domain controllers, firewalls, routers, intrusion prevention / detection solutions, etc.)
Experience with ACL, IDEA, QlikView, QlikSense, Tableau, Spotfire, or other analytics and visualization solutions
Ability to execute multiple engagements and completing priorities in a rapidly growing team environment
Exceptional client service, communication, analytical, organizational and project management skills
Strong computer skills, including proficiency in Microsoft Visio and Office Suite applications
Can travel as needed
The base salary range for this position in the firm's San Jose and San Francisco office only is between $101,200 to $151,800.
#ITRisk