IT Risk Advisory (IT Controls) Sr Associate

Other jobs >> General




is the U.S. member firm of Grant Thornton International Ltd, one of the

world s leading organizations of independent audit, tax and advisory firms.

We ve never been a typical professional services firm. We put people first,

and that is what sets us apart.

Risk Advisory Services - Controls Advisory (IT) Risk Senior Associate



Grant Thornton s Advisory professionals are progressive thinkers who create

protect, and transform value today so our clients have the opportunity to

thrive and grow. Our Advisory practice creates holistic solutions delivered by

innovative, curious professionals who bring technical depth and industry

insight to our clients. Business Risk Services protects value. The Business

Risk Services (BRS) practice includes Risk Advisory Services and Forensic

Advisory Services.

* Corporate Governance and Enterprise Risk Management

* Cybersecurity Risk Management

* Compliance and Operational Risk Management

* Third party Risk Management

* Controls Advisory (Internal controls, Internal Audit, and risk analytics)

* Governance Risk & Compliance (GRC) technology enablement


The Business Risk Services (BRS) Controls Advisory IT Risk & Control Senior

Associate is responsible for delivering a range of IT-oriented risk advisory

projects to multiple public and private company clients across a variety of

industries. Responsibilities include planning, executing, and reporting on

internal control and internal audit engagements that develop, assess, or help

improve the design and operating effectiveness of IT risk management and

internal control activities. The Senior Associate works closely with Partners,

Principals, Managing Directors, Senior Managers, Directors, and Managers, and

plays a key role in project delivery, client relationship management, and

business development.


* Run client engagements from start to completion, which includes planning,

executing, and reporting on co-sourced and out-sourced IT internal

audits, IT internal control reviews, IT risk management program

assessments, and tests of IT controls (IT general controls, application

controls, interface controls, key reports, etc.) as part of

management s internal control over financial reporting (ICFR) Sarbane

Oxley (SOX) compliance program, and for System & Organization Control

(SOC) reporting

* Support engagement Manager and/or Senior Manager/Director in preparing

and managing engagement project plans, timelines, budgets, and economics

* Supervise, train, and mentor Associates and Interns on engagements, and

assess performance.

* Obtain an understanding of clients business, objectives, strategy,

operations, processes, IT systems, and controls

* Develop and execute IT internal audit workplans and control test

procedures based on engagement scope, and client environment risk factors

* Applying knowledge of IT trends, systems and processes, evaluate findings

for significance and risk, and develop recommendations for improvement

based on leading practice

* Work with client to deliver services in accordance with project

leadership and client expectations (gather information, resolve problems,

recommend internal control enhancement opportunities, etc.)

* Develop and maintain good working relationships with clients to enhance

client satisfaction

* Work collaboratively across Advisory Business Lines (ABLs) and with other

Service Lines (e.g., Audit Services and Tax Services)

* Adhere to Firm policies, procedures, and methodologies.

* Participate in recruiting efforts.

* Meet or exceed targeted billing hours (utilization) and other defined

performance metrics.

* Participate in business development activities and proposal development

as appropriate.

* Other duties as assigned.

* Bachelors degree in Accounting, Finance, Information Technology,

Management Information Systems, Business Intelligence, or related field.

A Master s degree is a plus.

* Two (2) to six (6) years of related work experience with a professional

services firm, or as part of an Internal Audit function.

* CISA, CISSP, CISM, or CPA license/certification preferred.

* Experience in assessing the design and operating effectiveness of IT risk

management and IT controls (IT general controls, application controls,

etc.) for Internal Audit, SOX compliance, or other risk management


* Understanding of prevailing IT risk management and cybersecurity risk

management standards (COBIT, NIST CSF, etc.)

* Experience assessing the configuration and controls of Enterprise

Resource Planning (ERP) systems (SAP, Oracle, PeopleSoft, JD Edwards,

etc.) a plus.

* Experience assessing the configuration and controls of SAP ECC, S/4 HANA,

etc. (BASIS and security administration, process controls, etc.) a strong


* Strong understanding of IT general controls, and current focus areas of

external financial statement auditors (completeness and accuracy of key

reports, level of precision, etc.)

* Experience with assessing GRC and Identity and Access Management (IAM)

solutions a plus.

* Experience with assessing at least one (preferably multiple) operating

system (OS/400, Windows, UNIX, etc.), database system (Oracle, SQL,

etc.), and IT infrastructure / network component (domain controllers,

firewalls, routers, intrusion prevention / detection solutions, etc.).

* Experience leveraging ACL, IDEA, QlikView / QlikSense, Tableau, Spotfire,

or other analytics and visualization solutions a plus.

* Ability to supervise staff and lead projects.

* Exceptional client service and communication skills, with a demonstrated

ability to develop and maintain outstanding relationships.

* Ability to manage multiple projects and competing priorities in a rapidly

growing, fast-paced, interactive, results-based team environment.

* Strong leadership, recruiting, training, and mentoring skills, coupled

with excellent oral, written, and presentation skills.

* Excellent analytical, organizational and project management skills.

* Strong computer skills, including proficiency in Microsoft Visio and

Office Suite applications.

* Ability to work additional hours as needed and travel on a regular basis

to clients as required.


Grant Thornton LLP promotes a nationally recognized culture of health and

offers an extensive array of benefits to meet individual lifestyles. For a

complete list of benefits, please visit .

Founded in Chicago in 1924, Grant Thornton LLP (Grant Thornton) is the U.S.

member firm of Grant Thornton International Ltd., one of the world s leadin

organizations of independent audit, tax and advisory firms.

Grant Thornton works with a broad range of publicly- and privately-held

companies, government agencies, financial institutions, and civic and religious

organizations. Core industries served include consumer and industrial products,

financial services, not-for-profit, private equity, and technology. Grant

Thornton focuses on serving dynamic organizations that pursue growth

holistically whether through revenue improvement, leadership, mission

fulfillment or innovation.

It is Grant Thornton s policy to promote equal employment opportunities. Al

personnel decisions, including, but not limited to, recruiting, hiring,

training, promotion, compensation, benefits and termination, are made without

regard to race, creed, color, religion, national origin, sex, age, marital

status, sexual orientation, gender identity, citizenship status, veteran

status, disability or any other characteristic protected by applicable federal,

state or local law.

Primary Location


Work Locations

  • 1
  • Negotiable
  • None
  • None
  • Re-126896
  • Permanent
  • 3

How to Apply: Please click here to create a free account and post your resume. Only logged in job seekers can apply for a job.

Find us at:

Never provide bank account, credit card details or any other financial information, or make any form of payment, when applying for a job. If you are ever asked to do this by a recruiter on Pure Jobs please click the Report button or contact us with the advertiser's company name and the title of the job vacancy. You should not send any money to anyone. A genuine employer with a job offer would never ask you to do this.

Report this job

Report a job

If you're concerned about a job advert, let us know and our quality team will investigate.

Your name(*)
Invalid Input

Your email address(*)
Invalid Input

Please select you reason(*)

Additional information(*)
Invalid Input

Invalid Input

Get new jobs for this search by email.

Also get an email with jobs recommended just for me.

Create Alert

Subscribe to updates from our blog