landing_page-logo
UHY logo

Technology, Risk and Compliance - Senior Consultant

UHYSaint Louis, Missouri
Apply with Sonara
Apply

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.1

Reclaim your time by letting our AI handle the grunt work of job searching.

We continuously scan millions of openings to find your top matches.

pay-wall

Job Description

JOB SUMMARY

As a Technology Risk and Compliance (TRC) Senior, you will focus on helping clients understand and mitigate their technological and cybersecurity risks, in addition to building and maintaining positive client relationships. The TRC team’s service offerings include SOC 1®, SOC 2®, PCI, ISO 27001, HIPAA, and many other IT risk and control frameworks. There are numerous consulting opportunities related to assessing IT and cybersecurity risks for multi-national and local clients. You will build fundamental knowledge and technical skills to be successful in the growing field of Information Technology Risk and Compliance services.

JOB DESCRIPTION

IT Control Attestations

  • Work directly with IT Audit Managers and clients to gain an understanding of the client’s IT systems, infrastructure, and control environment
  • Apply that understanding to a variety of IT risk and control frameworks such as SOC, PCI, HIPAA, ISO, FFIEC, NIST, CIS Security and many others
     

IT Risk Assessments

  • Understand the clients and their stakeholders to assist with an independent assessment of their IT risks and be involved with developing various types of reports and presentations to stakeholders
     

IT Risk Assessments

  • Understand the clients and their stakeholders to assist with an independent assessment of their IT risks and be involved with developing various types of reports and presentations to stakeholders
     

Controls Testing:

  • Working directly with IT Audit Managers to develop and follow audit plans to evaluate the design and operational effectiveness of client controls
     

Documentation:

  • Clearly document the procedures, results of tests, and conclusions performed during control testing
     

Training and Support:

  • Work with junior level staff and interns to provide training and support throughout the course of engagements.
  • Review their work and provide feedback
     

Quality control

  • Ensure quality control procedures are being executed under direction of engagement supervisor, and perform thorough self-review of all work prior to submission
     

Administration

  • Track time and maintain designated chargeable hours for the year

Supervisory responsibilities

  • You will supervise IT Audit Staff and interns throughout engagements.  You will review their work and provide feedback to the staff and to the IT Audit Managers

Work environment

  • Work is conducted in a professional office environment with minimal distractions

Physical demands

  • Prolonged periods of sitting at a desk and performing work in front of a computer screen for long periods of time
  • Must be able to lift up to 15 pounds at a time

Travel required

  • Some travel is required.  The TRC team meets twice a year at various offices in the county. 
  • Some client travel may be required.   

Required education and experience

  • Bachelor's degree in accounting, information systems, or similar with an interest in information technology
  • A minimum of 2 – 4 years of related internal audit and IT audit experience
  • Must have a desire to work toward achieving one or more of the following certifications:
    • Certified Public Accountant (CPA)
    • Certified Information Systems Auditor (CISA): ISACA's globally recognized cornerstone certification for IS, audit, control, assurance, and security professionals who control, monitor, and assess an organization's information technology and business systems
    • Certified Information Systems Security Professional (CISSP): An independent information security certification governed by the International Information Systems Security Certification Consortium, also known as ISC², which provides security training to information assets
    • Certified Information Security Manager (CISM): ISACA's certification program for those who manage, design, oversee, or assess an enterprise's information security

Other duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the colleague for this job. Duties, responsibilities and activities may change at any time with or without notice.

WHO WE ARE

UHY is one of the nation’s largest professional services firms providing audit, tax, consulting and advisory services to clients primarily in the dynamic middle market. We are trailblazers who bring our experience from working within numerous industries to our clients so that we can provide them with a 360-degree view of their businesses. Together with our clients, UHY works collaboratively to develop flexible, innovative solutions that meet our clients’ business challenges. As an independent member of UHY International, we are proud to be a part of a top 20 international network of independent accounting and consulting firms.

WHAT WE OFFER

POSITIVE WORK ENVIRONMENT

Enjoy a collaborative and supportive work environment where teamwork is valued.

ATTRACTIVE COMPENSATION PACKAGES

Our compensation is competitive and tailored to reflect the role, qualifications, and expertise of each individual.

COMPREHENSIVE BENEFIT PACKAGE

Access comprehensive benefits including group health insurance, dental and vision coverage, 401(k) retirement plans, and generous paid time off (PTO) allowances.