IT Risk – Consultant

CFGI consultants work as part of a team with other CFGI professionals, its clients and their external auditors (or other professional service firms) on a variety of facets of the engagements, such as IT Internal Audit, SOX implementation and testing, attestation/certification readiness work, business process improvement projects, compliance and other assessments.


Duties include:

·         performing IT controls testing, creating process narratives, flow charts or undertaking procedures for other types of assessments;

·         drafting engagement scope, project plans, risk assessments, testing approach and specific procedures;

·         analyzing IT information;

·         interviewing client contacts;

·         identifying areas for improvement and value-add;

·         developing relationships with client contacts;

·         assisting with managing engagement economics; and

·         business development with new and existing clients.


Furthermore, all team members, from the Consultant level and up, build their skills by assisting the Firm’s leadership with internal responsibilities for training, internal projects, and the continual improvement of the Risk Advisory team.


Ideal candidates will possess the following:

·         Undergraduate degree in Computer Science, Information Systems Audit, Management Information Systems, or similar relevant degree. Strong progress towards obtaining official certification for CISA, CIA or other standard auditing certification will be considered in lieu of university degree (non-certified hires are required to become certified within one year from the date of hire);

·         Two to Five years of experience in public accounting and/or industry performing IT audit, systems implementations, or Information Security;

·         Excellent interpersonal, written and oral communication skills, and ability to assimilate easily into teams;

·         Strong technical skills and a working knowledge of SOX IT General Controls, COSO, SOC 1, and SOC 2;

·         Awareness of ISO 27001, NIST standards, HIPAA, FAIR, and other relevant standards;

·         Effective analytical and critical thinking abilities;

·         Entrepreneurial nature, self-motivated, ethical, and dependable;

·         Strong project management skills;

·         High energy with a commitment to quality client service; and

·         Very strong performance within a team dynamic.