IT Risk Advisory Manager
Clearview is a dynamic CPA and management consulting firm, committed to a culture of excellence, offering audit, income tax, accounting & finance, risk advisory, managed IT, HR and other services. They are rapidly growing and seeking full-time Managers in their IT Risk Advisory (Internal IT Audit) practice, based out of their Corporate office in Owings Mills, Maryland. This is a 100% remote opportunity. However, travel to client/prospect meetings, conferences, etc. will be required based on business needs.
IT Risk Advisory Managers lead information technology audits, operational risk-based audits and consulting engagements to include assessing risks, developing audit plans and programs, performing audits, and evaluating/reporting on internal controls. These Managers also conduct day-to-day project management activities on all their engagements including project plan development, status update deliveries to clients & internal leaders, and training & mentoring of Staff and Senior Consultants.
Specific responsibilities entail:
• Gaining an understanding of assigned clients' objectives as well as their regulatory and risk management environment
• Communicating extensively with clients to drive expectations and report on the status of ongoing projects
• Setting priorities, ensuring daily coordination among the project team, and monitoring progress against schedules, budgets, project/task deliverables and status reporting
• Planning, reviewing, and providing direction for the work of Staff and Senior Consultants
• Managing and motivating Consultants with various backgrounds and skill sets
• Obtaining and analyzing data as a basis for reviewing the adequacy, effectiveness, and efficiency of systems and processes
• Leading IT general controls (ITGC) audits
• Maintaining the level of technical competency and professional care required for the completion of assignments in accordance with auditing standards and related control techniques
• Evaluating processes and controls for compliance with relevant existing or proposed laws and regulations, established policies, plans and procedures
• Assessing internal controls' design adequacy to mitigate financial, operational and compliance risks and to test their operating effectiveness
• Developing and implementing audit programs and procedures, then reviewing each for adequacy
• Preparing audit reports and recommending improvements to IT controls and operational processes
• Delivering oral and written presentations during and at the conclusion of audits
• Presenting findings, risk analyses, and recommendations to executive leadership
• Staying abreast of new technology, emerging risk areas, and related control techniques
• Appraising the adequacy of corrective actions taken to remediate deficiencies identified during audits
• Participating in pre-and post-implementation control reviews of major system development proposals
• Providing exceptional service to clients, always serving as a positive brand ambassador for the firm
• Maintaining a network of industry contacts and establishing new long-term relationships
• Contributing to business development activities
What is required for consideration?
• Bachelor's and/or Master's degree in Management Information Systems, Computer Science, Information Technology, Cybersecurity, or another relevant field
• Information Systems Auditor Certification (CISA)
• Minimum of five (5) years of current or recent IT Audit, IT Risk, and/or IT Compliance experience including at least one (1) year with a consulting firm
• Minimum of one year of current or recent experience servicing commercial consulting clients
• Knowledge across the following technologies: AWS, Azure, Salesforce, Office 365, JIRA/Confluence, Active Directory, and Relational Databases (MySQL, SQL Server, etc.)
• Expertise with at least two of the following regulations/frameworks: SOX, SOC 1 & 2, NIST CSF, ISO 27001, HIPAA, PCI, COBIT and/or GDPR
• Demonstrated knowledge of business risks and effective systems of internal controls
• Working knowledge of operating policies and standards as well as compliance issues
• Experience reviewing, considering, criticizing, and/or auditing IT and operational controls or process improvements
• Project management experience including workflow balancing, activity scheduling, problem solving facilitation, prioritizing multiple complex tasks, and meeting deadlines
• Experience effectively mentoring, coaching, and developing employees
• Unwavering integrity and ethics
• Experience interacting with clients, establishing credibility, trust and healthy relationships
• Demonstrable examples of innovative thinking and problem solving
• Strong communication skills with the ability to convey complex auditing information and business risks to non-technical audiences
• Effective public speaking skills with the ability to prepare and deliver presentations
• Willingness and ability to travel, on occasion, to client sites across the country, as dictated by business need
What is preferred for consideration?
• Minimum five (5) years of IT Audit, IT Risk, and/or IT Compliance experience servicing commercial clients with a management consulting firm(s)
• Experience conducting deep dive cybersecurity assessments
• Experience managing / supervising direct reports
• CISSP CISM CGEIT CRISC CIA CPA ****must have at least one of the following certifications: CPA, CISA, CIA, and/or CISSP Certification*******
• Approved States: Arizona, Delaware, Florida, Georgia, Iowa, Kentucky, Maryland, Michigan, New York (Not NYC), New Hampshire, North Carolina, North Dakota, Ohio, Pennsylvania, Tennessee, Texas, Virginia, Wisconsin