Business Risk Services - Controls Advisory IT Audit - Manager
Boston, MA | direct hire
Our client is a national consulting firm with a business risk services team focused on cyber risks. Their cyber risk professionals help companies build cybersecurity strategy into the overall business strategy to fend off third-party, criminal and internal risk, and guard proprietary and customer data.
The Business Risk Services Controls Advisory IT Manager is responsible for all phases of project and engagement management for multiple clients in a wide variety of industries. Responsibilities include planning, directing, and completing internal audits, information technology control reviews, activities related to Sarbanes-Oxley 404 internal control projects; and developing and managing staff. The BRS IT Manager works closely with partners and staff on client management, practice development, and business development. The BRS IT Manager is responsible for an assigned group of clients.
Essential Duties and Responsibilities:
· Perform engagement management responsibilities, including performance reviews, task delegation, project scheduling, project economics and financials, quality review and client management
· Manage business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership material
· Adhere to the highest degree of professional standards and strict client confidentiality.
· Understand and manage firm risk on audits and proposals.
· Working with organizations to identify and manage IT risks within their strategy execution model
· Assist clients in applying key frameworks such as COBIT, NIST & ISO
· Developing IT components with enterprise risk management programs
· Leading IT risk assessments ranging from internal audits, system implementations and specialized IT areas (security, basis, access provisioning, etc.)
· Leading and executing IT audits and IT SOX engagements
· Apply current knowledge of IT trends and systems processes to identify security and risk management issues and other opportunities for improvement.
· Manage the evaluation and testing of IT processes and system controls and identification of areas of risk.
· Manage internal auditing outsourcing and co-sourcing engagements for clients.
· Think strategically about practice enhancements and be able to embrace and manage change.
· Meet or exceed sales targets for new and follow-on work
· Meet or exceed targeted billing hours (utilization)
· Maintain a good working relationship with clients and work effectively with client management and staff at all levels to gather information and perform services
· Work closely with managers and partners to promptly identify and resolve client problems or issues
· Communicate (verbally and in writing) externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence
· Manage, develop, train, coach and mentor staff on projects and assess performance for engagement and year-end reviews
· Motivate others to perform at maximum efficiency without sacrificing quality of the services delivered
· Interview campus and/or experienced candidates
· Other duties as assigned
· Bachelor's degree in Accounting, Finance, Information Technology, MIS or related field. A Master’s degree is a plus.
· 6 to 10 years of related work experience in a similar consulting practice or function servicing cross-industry clients at a national level.
· CISA, CISSP, CIA or CISM license/certification.
· Experience performing technology risk assessments and audits, operational internal audits, as well as process control reviews.
· Areas of expertise should include at least some of the following: access control software, security architecture and administration, Internet use/firewalls, network security awareness and enforcement, security policies and standards, database security auditing, operating systems (Windows, UNIX, AS400).
· Strong experience in staff and audit management in an integrated client service team.
· Ability to manage and develop staff in a highly interactive team environment.
· Exceptional client service and communication skills with a demonstrated ability to develop and maintain outstanding client relationships.
· Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced interactive, results-based team environment.
· Strong leadership, business development, recruiting, training, coaching, and mentoring skills, coupled with excellent written, interpersonal, and presentation skills.
· Ability to work additional hours as needed and travel on a regular basis to clients as required.
· Good familiarity with IIA’s Standards
· Practice development experience.
· Ability to work additional hours and/or travel as needed.