IT Audit Senior Associate

If you enjoy working with clients and colleagues to improve business effectiveness, create sustainable efficiencies, add value by matching Firm capabilities with client needs, and build a world class consulting organization, then we invite you to help drive our winning Risk Advisory Services strategy.


The Risk Advisory Services Practice assists clients in managing operational, financial and technology risk as well as designing and implementing process improvements that can lead to increased value, revenue, or cost containment.   Along with other Business Consulting Practices, Risk Advisory Services helps clients across various industries address the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. 


RSM's Risk Advisory Service offerings include:  Internal Audit, Information Technology (IT) Audit, Security & Privacy Services, SOX Advisory, SOC1 / SOC2 Reporting, Contract Compliance, IT Governance Risk and Compliance, Enterprise Risk Management and AML/Regulatory Compliance Advisory.  Within the Risk Advisory Services (RAS) Practice, the Systems and Process Assurance (SPA) will be responsible for working on and performing System and Organization Control (SOC) engagements across a variety of industries. Our Systems and Process Assurance (SPA) solution set conducts independent third party assessments including SOC 1, SOC 2 and SOC 3 reports.


The Senior Associate will be an integral team member by assisting with planning engagements, conducting fieldwork, discussing findings and observations during client exit meetings, preparing work papers to support conclusions, reviewing staff work papers, and preparing written attestation reports. The candidate should have a strong knowledge-level of financial, operational, and/or information technology, internal controls, identifying risks and related controls, as well as performing test work of identified significant controls. The candidate should also be capable of conducting audit and attestation engagements independently and in-charging an engagement team. 


Major Duties and Responsibilities: 

  • Performing and delivering SOC engagements in accordance with firm’s defined methodology and AICPA standards in order to support firm’s quality and risk management programs

  • Work closely with RSM SPA leaders and clients to scope and plan SOC report attestation engagements

  • Supervise teams during fieldwork, including monitoring and supporting their work activities

  • Responsible for timely communications to RSM SPA leadership and clients on progress of client engagements

  • Reviews staff work papers and ensures quality of engagement files to support firm’s quality standards

  • Consistently perform required activities to develop and train our staff. This includes evaluating and providing timely feedback on the performance of personnel reporting to this position on engagements

  • Help determine the staffing requirements for the team and assist in the recruiting process

Methods of Accountability: 

  • Evaluation against performance metrics at least annually, including charge hour requirements, timely completion of projects and technical development

  • Minimum of semi-annual performance feedback reviews that include hard and soft skills

  • Various oral and written reports to the SPA leadership

  • Progression on the RSM Career Development Framework.

Standards of Performance: 

  • Achievement of the scorecard targets for the SPA service line and individually

  • Effectively working with regional leadership to achieve the goals and objectives of the business unit and service line

  • Creation and maintenance of an environment where our people are highly motivated, well informed, produce a consistently high-quality delivery and are proud to be part of the SPA service line


  • Bachelor's degree in accounting or related field

  • CPA or CPA candidate

  • Minimum 3 years of experience with assurance/audit within a public accounting firm, risk advisory services or internal audit 

  • Knowledge of AICPA standards including SSAE 16, ISAE 3402, AT 101 and AT 801

  • Ability to travel 40% 

Preferred Qualifications: 

  • Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments

  • Ability to interact with all levels including executives and senior managers

  • Certified Information Systems Auditor (CISA)

  • Curiosity and willingness to learn

Share this Job

Other Locations For This Job