If you enjoy working with clients and colleagues to improve business effectiveness, create sustainable efficiencies, add value by matching Firm capabilities with client needs, and build a world class consulting organization, then we invite you to help drive our winning Risk Advisory Services strategy.
The Risk Advisory Services Practice assists clients in managing operational, financial and technology risk as well as designing and implementing process improvements that can lead to increased value, revenue, or cost containment. Along with other Business Consulting Practices, Risk Advisory Services helps clients across various industries address the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses.
RSM's Risk Advisory Service offerings include: Internal Audit, Information Technology (IT) Audit, Security & Privacy Services, SOX Advisory, SOC1 / SOC2 Reporting, Contract Compliance, IT Governance Risk and Compliance, Enterprise Risk Management and AML/Regulatory Compliance Advisory.
Analyzing and evaluating information technology (IT) security risks and controls
Performing IT audits, IT risk reduction recommendations, general IT control reviews, Service Organization Control (SOC)/ SAS 70 audits
Implementing solutions based on control weaknesses
Developing policies and procedures as it relates to information systems controls
Supervising, leading and training staff as needed
Experience with major operating systems and databases
Four - five years of experience in a professional services, consulting or public accounting environment conducting IT Audits or information security assessments
Ability to travel overnight up to 30%, depending on client locations
CISA, PPM, CISSP or GIAC certifications (or the willingness to obtain within the near future)
FFIEC, COBiT, or NIST experience
Strong verbal and written abilities
Strong multitasking and project management skills
Big Four or other consulting background
Knowledgeable regarding Sarbanes-Oxley Act, Service Organization Control
Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices