Job Description
The Managing Consultant (IT Audit) leads complex IT audit, technology risk, and cybersecurity engagements with a strong focus on IT governance, IT security, IT infrastructure, and IT operations. The role emphasizes IT controls, SOX compliance, and a broad range of cybersecurity and technology assurance reviews, including vulnerability management and security testing activities.
This position requires an audit‑first professional with solid technical depth—capable of leading and executing a wide spectrum of IT audit and cybersecurity engagements while translating technical findings into clear, risk‑based insights for clients and senior stakeholders.
Key Responsibilities
- Lead, manage, and deliver multiple concurrent IT audit, IT controls, SOX, and technology risk engagements across various clients and environments.
- Develop and execute risk‑based IT audit and technology assurance plans aligned with Firm methodologies and quality standards.
- Perform and oversee a wide range of IT audit and IT‑related reviews, including:
- IT governance and IT risk management
- Information security and cybersecurity programs
- IT infrastructure and cloud environments
- IT operations, access management, and change management
- Plan and oversee security‑related audit procedures, which may include vulnerability assessments, penetration testing, configuration reviews, and other security testing activities as part of broader audit and risk engagements.
- Conduct and review:
- ITGC and ITAC assessments
- Information security, cybersecurity, and data privacy reviews
- Cloud, infrastructure, and network security reviews
- Post‑implementation reviews of systems and technology projects
- Assess the design and operating effectiveness of IT General Controls, application controls, and system security controls across multiple engagements; identify gaps and recommend practical, risk‑focused improvements.
- Review, finalize, and present IT audit and technology risk reports, ensuring findings are clear, consistent, and aligned with business, regulatory, and risk priorities.
- Contribute to business development efforts by supporting proposals and expanding existing IT audit and technology risk engagements.
Client Management
- Build and maintain strong, trusted relationships with clients and senior stakeholders.
- Serve as a key advisor on IT audit, cybersecurity, technology risk, and regulatory developments.
- Communicate complex technical issues in a manner that is understandable, actionable, and decision‑relevant.
People & Professional Development
- Lead, mentor, and coach engagement teams; provide constructive performance feedback and support professional growth.
- Promote knowledge sharing and best practices across the IT audit and cybersecurity teams.
- Pursue continuous professional development, including relevant certifications and technical training.
Qualifications
Required
- Bachelor's degree in Information Technology, Computer Science, or a related field.
- Minimum of 5 years of relevant experience in IT audit, technology risk, or cybersecurity assurance.
- Strong working knowledge of:
- IT governance frameworks
- IT security and cybersecurity principles
- IT infrastructure and operations
- Demonstrated experience in:
- ITGC and ITAC reviews
- Information security and cybersecurity assessments
- Post‑implementation reviews
- Hands‑on experience in Vulnerability Assessment and Penetration Testing (VAPT), including analysis, validation, and reporting of findings.
- Proven ability to translate technical vulnerabilities and control weaknesses into risk‑based audit observations and practical recommendations.
Preferred
- Professional certifications such as CISA, CIA, and/or CISSP.
- Experience with application security reviews and/or ERP‑related audits or implementation projects.
CORE COMPETENCIES
- Strong analytical, project management, and communication skills
- Sound professional judgment, integrity, and independence
- Client‑focused, collaborative, and solutions‑oriented mindset
- Ability to balance technical depth with audit and business context
Why Join P&A Grant Thornton
At P&A Grant Thornton, You'll Experience a Culture That Cares For Its People As Much As It Cares For Its Clients. Here's What You Can Look Forward To
- Performance-based salary appraisal
- Health bonuses
- Accident and life insurance coverage
- Paid sick leave and vacation leaves
- Competitive compensation package
- Flexible work arrangements (depending on client engagement)
- Continuous training, mentoring, and professional development
- Exposure to diverse industries and international practices through Grant Thornton's global network.
Be Part of Something Bigger
At P&A Grant Thornton, you won't just crunch numbers—you'll help businesses grow, communities thrive, and your career flourish. If you're ready to bring your skills and passion to a firm that values excellence, integrity, and innovation, we'd love to meet you.
Apply now and grow with us! 
