Job Description

Location: 100% Remote

Duration: Contract 6 months with potential to extend

• Grant Thornton is looking to hire a team of IT Controls Associates to support upcoming client initiatives.
• These Associates will actively participate in client engagements from start to completion, with a focus on executing and reporting on assigned project tasks.
• This includes co-sourced and outsourced IT internal audit, IT internal control assessments, IT risk management program assessments, tests of IT control design and operating effectiveness for Sarbanes-Oxley (SOX) and other compliance requirements, and helping clients design and implement IT controls.

Responsibilities:

• Obtain an understanding of clients' industry, objectives, strategy, operations, processes, IT systems, and controls
• Execute IT control design and operating effectiveness test procedures based on engagement scope, and client environment risk factors
• Bring an innovative and analytical mindset to help our clients solve business issues and enable more efficient project execution
• Work with the project team and client to deliver services in accordance with project leadership and client expectations
• Work collaboratively with colleagues across Advisory Business Lines (ABLs) and with other Grant Thornton Service Lines (e.g., Audit Services and Tax Services)
• Meet or exceed defined performance metrics, perform other duties as assigned

Qualifications:

• Bachelor's degree in Accounting, Finance, Information Technology, MIS, or a related field is required
• Minimum 1 year of related work experience with a professional services firm, or as part of a risk management, information security, or internal audit function
• Desire to pursue CISA, CISSP, CISM, CPA, CIA, or other relevant license/certification
• Experience in assessing the design and operating effectiveness of IT risk management or IT controls (IT general controls, application controls, interface controls, IT infrastructure controls, key report integrity, etc.) for Internal Audit, SOX compliance, System & Organization Control (SOC) reporting, or other risk, compliance, or assurance activities
• Understanding of current IT risk and control focus areas of external financial statement auditors
• Understanding of IT risk management and cybersecurity risk management standards (COBIT, NIST CSF, etc.)
• Ability to execute multiple engagements and completing priorities in a rapidly growing team environment
• Exceptional client service, communication, analytical, organizational and project management skills
• Strong computer skills, including proficiency in Microsoft Visio and Office Suite applications
• Can travel as needed

Interview Process:

• 30 minute interview with Manager
• 30 minute interview with Manager and Colleague

Sample IT Controls Candidate Bio:

PROFESSIONAL SUMMARY

Experienced professional with a strong background in risk management, compliance, and IT controls. Skilled in conducting risk assessments, evaluating security controls, and implementing compliance frameworks such as NIST and ISO 27001. Proven ability to thrive in fast-paced environments, adapt to change, and communicate technical matters to non-technical audiences.

PROFESSIONAL EXPERIENCE

Senior Consultant, Technology Risk Audit

Led IT Audit walkthroughs for Key Reports/IPE Reports, IT Automated Controls, and IT General Controls, ensuring compliance with security requirements

Conducted comprehensive evaluations of client security controls and IT environments, identifying process and control gaps

Coordinated with global and cross-functional teams, proactively communicated with stakeholders, and trained new associates on security controls and risk management

Developed documentation on risk reduction and remediation strategies aligning with SOX regulations and business objectives

Senior Technology Risk Consultant

Developed new SOX Compliance IT risk frameworks and internal controls focused on digital asset risk management, DeFi activity, and cryptocurrency exchanges

Led and trained team, overseeing the completion of protocol audits for top 100 digital assets on the market

Developed CPE/training materials to educate senior executives on blockchain technology and audit methodologies

Created process and data flow diagrams for major cryptocurrency exchanges and custodians

Conducted risk assessments and developed mitigation strategies for emerging technologies in the fintech sector

Technology Risk Consultant

Built internal audit program for Pre-IPO Readiness, covering 150+ IT and technology risk controls

Implemented a new risk assessment methodology,

Conducted thorough reviews of vendor and customer contracts to identify potential IT internal control risks or requirement

Developed comprehensive process narratives for IT operations, enhancing stakeholders' understanding of control frameworks

Evaluated requests for exceptions to IT policies, ensuring sufficient mitigating controls were in place

Gained comprehensive understanding of financial risk management, regulatory compliance, and technology controls in high-growth environments

SKILLS & INTERESTS

Certifications: Certified Information Systems Auditor (CISA), CISSP Certification, Google Cybersecurity Professional, Microsoft Generative AI for Data Analysis Professional Certificate, Google Cloud Cybersecurity

Expertise: IT General & Automated Controls, SOC 1 and SOC 2 Reports, ICFR Reporting, GRC Risk Management, Blockchain Technology, NIST 800/ISO 27001 Security Frameworks, COBIT Governance Framework, ITIL Framework, Internal audit execution, Control testing, Risk management, Technology and security controls, ISO 27001, Data analytics and automation

Technical Skills: Microsoft Office Suite, SQL, Python, Excel VBA, Solidity,

Required Skills : SOX,Risk Management

Basic Qualification :

Additional Skills :

Background Check : No

Drug Screen : No

Job Tags

Similar Jobs