IT Risk Directors work closely with senior management of Fortune 500, mid-cap and start-up companies, as well as all levels of CFGI staff from Consultant to Partner. Engagements include IT Internal Audit, SOX implementation and testing, attestation/certification readiness work, business process improvement projects, compliance and other assessments.
CFGI Directors lead project teams and interact with clients and their external auditors (or other professional service firms) on all aspects of engagements, including:
· reviewing IT controls testing, process narratives, flow charts or procedures for other types of assessments;
· approving engagement scope, project plans, risk assessments, testing approach and specific procedures;
· identifying areas for improvement and value-add;
· preparing reports or other appropriately styled presentations of findings and recommendations;
· preparation for, and participation in Audit Committee meetings or other senior management meetings;
· developing and managing relationships with client management;
· managing engagement economics; and
· business development with new and existing clients.
Furthermore, Directors are seen as part of the Firm’s leadership and have internal responsibilities for staff development, training, internal projects, and the continual improvement of the Risk Advisory team.
Ideal candidates will possess the following:
· Certified CISA, CIA or other standard auditing certification combined with solid IT audit experience. Undergraduate degree in Computer Science, Information Systems Audit, Management Information Systems, or similar relevant degree will be considered in lieu of formal qualification (non-certified hires are required to become certified within 1 year from the date of hire);
· Undergraduate degree in Accounting, CPA and/or MBA combined with solid accounting experience are preferred but not required;
· 7 to 12 years of experience in public accounting and/or industry performing IT audit, systems implementations, or Information Security;
· Excellent interpersonal, written and oral communication skills, and ability to assimilate easily into teams;
· Strong technical skills and a working knowledge of SOX IT General Controls, COSO, SOC 1, and SOC 2;
· Awareness of ISO 27001, NIST standards, HIPAA, FAIR, and other relevant standards;
· Effective analytical and critical thinking abilities;
· Entrepreneurial nature, self-motivated, ethical, and dependable;
· Strong project management skills