- IT Auditing
- ISO 27001
- Project Management
- Microsoft Word
Frank, Rimerman + Co. LLP's Assurance & Advisory department is currently seeking an experienced IT Risk Management Senior Associate to be based out of our San Francisco office. The Senior Associate will work on a range of IT-based compliance assignments, predominantly with SaaS companies, in and around the SF Bay Area. They will report to and work closely with Senior Management in the Assurance group. As an individual contributor, this role will require a tactical level of experience to drive IT compliance efforts, including but not limited to:
- Service Organization Controls (SOC) audits for the SOC 1, SOC 2, SOC 3 reports
- ISO 27001:2013 internal and certification audits
- SOX IT and project-based IT compliance
Essential Duties and Responsibilities:
- Gain a comprehensive understanding of a client’s technical platform, operations, processes, and controls.
- Work with the team and the client to plan a project strategy, define the objectives, and address technology-related controls risks and issues.
- Conduct the review of operational and IT processes, and provide management with an assessment of risks, internal controls design and the overall effectiveness and efficiency of the processes.
- Conduct testing of IT-related controls and identify areas of control exceptions.
- Provide timely updates to clients and supervisors regarding progress and issues that may impair successful completion of specific tasks and the overall project.
- Supervise, train, and mentor consultants and interns on projects.
- Apply knowledge of IT trends and IT systems processes to identify engagement issues and risk management issues.
- Maintain a good working relationship with management and staff at all levels to enhance client satisfaction.
- Attend professional development and training sessions on a regular basis.
- Perform other job-related duties as necessary.
3+ years of experience delivering IT audit projects, including risk assessments, system reviews and IT controls testing.
BA/BS degree from an accredited college/university in Business, Information Systems Management or Computer Science (or equivalent) is required. Passing tests or certification for at least one of the following is preferred: CISA, ISO 27001 LI or LA, CISM and/or CISSP.
Strong interpersonal skills with the demonstrated ability to build relationships and gain the confidence and respect of clients and peers. Strong client service mentality and demeanor.
Proven project management skills with the ability to manage multiple concurrent projects.
Excellent written and oral communication skills; attention to detail is essential.
Demonstrated analytical skills.
Advanced proficiency in basic PC applications (MS Excel, Word, PowerPoint, Visio).
Ability to work additional hours as needed and travel to various client sites around the SF Bay Area (no out-of-the-area travel).