IT Audit Senior

About the role

UHY is one of the nation's largest professional services firms providing audit, tax, consulting and advisory services to clients primarily in the dynamic middle market. We are trailblazers who bring our experience from working within numerous industries to our clients so that we can provide them with a 360-degree view of their businesses. Together with our clients, UHY works collaboratively to develop flexible, innovative solutions that meet our clients' business challenges. As an independent member of UHY International, we are proud to be a part of a top 20 international network of independent accounting and consulting firms.

Benefits

Additional Information

JOB SUMMARY As a Technology Risk and Compliance (TRC) Senior, you will focus on helping clients understand and mitigate their technological and cybersecurity risks, in addition to building and maintaining positive client relationships. The TRC team's service offerings include SOC 1®, SOC 2®, PCI, ISO 27001, HIPAA, and many other IT risk and control frameworks. There are numerous consulting opportunities related to assessing IT and cybersecurity risks for multi-national and local clients. You will build fundamental knowledge and technical skills to be successful in the growing field of Information Technology Risk and Compliance services. JOB DESCRIPTION IT Control Attestations Work directly with IT Audit Managers and clients to gain an understanding of the client's IT systems, infrastructure, and control environment Apply that understanding to a variety of IT risk and control frameworks such as SOC, PCI, HIPAA, ISO, FFIEC, NIST, CIS Security and many others IT Risk Assessments Understand the clients and their stakeholders to assist with an independent assessment of their IT risks and be involved with developing various types of reports and presentations to stakeholders IT Risk Assessments Understand the clients and their stakeholders to assist with an independent assessment of their IT risks and be involved with developing various types of reports and presentations to stakeholders Controls Testing: Working directly with IT Audit Managers to develop and follow audit plans to evaluate the design and operational effectiveness of client controls Documentation: Clearly document the procedures, results of tests, and conclusions performed during control testing Training and Support: Work with junior level staff and interns to provide training and support throughout the course of engagements. Review their work and provide feedback Quality control Ensure quality control procedures are being executed under direction of engagement supervisor, and perform thorough self-review of all work prior to submission Administration Track time and maintain designated chargeable hours for the year Supervisory responsibilities You will supervise IT Audit Staff and interns throughout engagements. You will review their work and provide feedback to the staff and to the IT Audit Managers Work environment Work is conducted in a professional office environment with minimal distractions Physical demands Prolonged periods of sitting at a desk and performing work in front of a computer screen for long periods of time Must be able to lift up to 15 pounds at a time Travel required Some travel is required. The TRC team meets twice a year at various offices in the county. Some client travel may be required. Required education and experience Bachelor's degree in accounting, information systems, or similar with an interest in information technology A minimum of 2 - 4 years of related internal audit and IT audit experience Must have a desire to work toward achieving one or more of the following certifications: Certified Public Accountant (CPA) Certified Information Systems Auditor (CISA): ISACA's globally recognized cornerstone certification for IS, audit, control, assurance, and security professionals who control, monitor, and assess an organization's information technology and business systems Certified Information Systems Security Professional (CISSP): An independent information security certification governed by the International Information Systems Security Certification Consortium, also known as ISC², which provides security training to information assets Certified Information Security Manager (CISM): ISACA's certification program for those who manage, design, oversee, or assess an enterprise's information security Other duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the colleague for this job. Duties, responsibilities and activities may change at any time with or without notice.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at uhyus? Share your experience