The IT Audit Managing Consultant is responsible for leading multiple engagement teams, working with a wide variety of clients to deliver professional services, and managing business development activities on strategic accounts specific to IT Audit engagements. This includes IT control/SOX compliance and assessment, information security, and data security.
Primary Duties & Responsibilities
Engagement Management
- Drive business development activities in a diverse client portfolio.
- Manage the portfolio of IT audit and risk management engagements.
- Lead the IT audit function as a team.
- Develop a thorough understanding of business processes in scope for assigned audits and document the processes in flowcharts and/or process narratives.
- Develop a risk-based test plan by selecting appropriate audit approaches, test procedures, and sampling criteria.
- Ensure proper and efficient execution of the plan in accordance with the Firm's quality standards.
- Review reports to the Leadership providing concise and accurate information on the condition of the unit, adequacy of operations/processes, and conditions of portfolios.
- Ensure that the planned work is appropriately completed to satisfy the engagement objectives and support the report.
- Perform related and ad hoc tasks for this job. Perform other duties and responsibilities as may be delegated or assigned by the Audit & Assurance Partner.
Relationship Management
- Drive business development activities in a diverse client portfolio.
- Build and maintain deep relationships with clients/C-Suites and other stakeholders to understand their challenges and align the right solutions.
- Provide timely feedback to staff assistants about their job performance, i.e., their strong and weak points and areas for improvement.
- Keep clients aware of significant developments in IT governance, cybersecurity, and risk management.
- Provide immediate assistance and/or advice for the professional needs of clients.
People Management And Administrative Functions
- Provide mentoring and coaching to team members to contribute to the value provided to clients.
- Provide timely feedback to staff assistants about their job performance.
- Accomplish and discuss Performance Review Reports (PRRs) of staff assistants immediately after every engagement.
- Participate in an annual performance review process through deliberations on the overall performance of staff assistants.
Professional Development
- Take charge of your professional development.
- Attend in-house or relevant external seminars and training sessions as a participant or facilitator for continuous professional development and enhancement of technical skills and competence.
- Obtain necessary certifications expected of the position as prescribed in the policy.
Qualifications
- Must be a graduate of a Bachelor's degree in Accountancy, Internal Audit, Information Technology, Computer Science, or a related field (with certifications)
- With at least 5 years of relevant work experience in IT audit, IT risk management, or cybersecurity assessments.
- In-depth understanding of internal audit methodologies, best practices, and standards on risk assessment, control frameworks, and compliance requirements.
- Familiarity with auditing information systems, networks, databases, and applications, as well as cybersecurity engagements.
- Experience in evaluating internal controls, identifying control weaknesses, and making practical recommendations for improvement.
- Experience in conducting Network and Vulnerability Assessment and Penetration Testing (VAPT).
- Strong organization and project management skills.
- Demonstrates integrity, values, principles, and work ethics.
Preferred Qualifications
- Professional certification such as Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Public Accountant (CPA).
- Relevant experience and knowledge in application security and ERP implementation projects.
