IT Experienced Associate, Risk Advisory Services

Job Summary BDO’s Core Purpose is Helping People Thrive Every Day.

Our Core Values reflect how we manage our work, our relationships and ourselves.

As an employee of the firm, you will live true to our Core Values of people first, being exceptional every day in every way, embracing change, feeling empowered through knowledge and choosing accountability.

Our Core Values are the standards by which we conduct ourselves day in and day out, both internally and externally.

The IT Experienced Associate, Risk Advisory Services role is responsible for partnering with more experienced Risk Advisory Services professionals to provide risk consulting and issues resolution to clients in the areas of IT General Controls, SOX IT, Information Technology Process Improvement, pre and post implementation reviews, and IT Security assessments.

The IT Risk Advisory Services Associate will participate in most stages of an internal audit or consulting engagements and provides assistance with planning, field work, engagement wrap up and report composition.

Assists with the informational interviews and facilitation of meetings with clients during engagement process Obtains information, documents and data from clients to support the completion of analysis and research of client issues Assists in the preparation of risk-based IT audit programs Documents and analyzes the client’s processes, risk and controls with guidance and direction from senior Risk Advisory Services professionals Implements project plans, and maintains all documentation and work papers associated with client engagements Assesses risk, and communicates with other RAS professionals and/or clients, as necessary Develops initial deliverables and/or solutions to client issues Proposes basic recommendations for a risk-based audit plan Utilizes research tools, databases and trade publications to develop understanding of client’s industry Develops relationships with client personnel and management members Assists with the management of the engagement to ensure engagement metrics are achieved Utilizes research tools, databases and trade publications to develop understanding of client’s industry Assists with the research and drafting of proposals Maintains all documentation and work papers associated with client engagements Determines compliance with appropriate audit policies and procedures Assesses internal control design and operational effectiveness Prepares formal and informal presentations for client meetings Communicates findings to senior management and drafts comprehensive report of audited area Stays abreast of current developments in IT technology, cloud services, IT security breaches, auditing standard updates and other emerging issues which may impact the audit process Other duties as required Qualifications Education: Bachelor’s degree in Information Technology, Computer Science, Accounting, Finance, or another relevant field, required Experience: Two (2) or more years of experience within a public accounting firm or industry environment performing internal audit, IT audit, consulting or risk services, required Experience with IT internal controls (including Sarbanes-Oxley, COBIT, FFIEC, etc.), flowcharts, documentation and testing of IT controls, preferred Experience with IT Audit and Sarbanes Oxley, required Experience performing IT Security audits and third-party vendor risk assessments, preferred License/Certifications: CPA, CIA, CISA, and/or other relevant certifications, preferred Software: Proficient in the use of Microsoft Office Suite, specifically Excel and Word, required Experience auditing various mainstream ERP applications (e.g.

JD Edwards, SAP, Oracle, Dynamics, NetSuite, etc.), preferred Experience auditing various infrastructure platforms (e.g.

Linux/Unix, Windows, AS400, Oracle, SQL, etc.), preferred Experience with various IT audit applications and research tools, preferred Working knowledge of data analytics software such as IDEA or ACL, preferred Language: English, required Other Knowledge, Skills & Abilities: Knowledge of: Automated business systems, program change management controls, input, processing and output controls and related audit techniques Network access security methods such as firewalls, proxies, virtual private networks, and IDS/IPS Physical facilities and equipment access controls Cloud security and third-party vendor risks Logical data and application access controls Disaster recovery and business continuity methods Knowledge of internal accounting controls, professional standards and regulations and systems Strong verbal and written communication skills Ability to adapt style and messaging to effectively communicate with professionals at all levels both within the client organization and the Firm Ability to successfully multi-task while working independently and within a group environment Superior analytical and diagnostic skills Capable of working in a demanding, deadline driven environment with a focus on details and accuracy Ability to adapt to rapidly changing environments successfully Solid organizational skills, especially the ability to meet project deadlines with a focus on details Capacity to build and maintain strong relationships with client personnel and within the Firm Ability to travel, as needed