Information Technology Auditor

Job Summary

We are looking for GRC, SOC AUDITOR Consultant

responsibilities

• Demonstrate proficiency in Schellman Methodology
• Guide associates and peers
• Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.)
• Successfully run a project from fieldwork through completion
• Understand and demonstrate ability to speak to Schellman's service lines at a high level and their leaders
• Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria
• Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2
• Know all four report opinion outcomes and ability to draft modified opinions
• Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion
• Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly
• 
  •Schellman Methodology
• Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.)
• Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide
• Review and demonstrate ability to apply concepts of "EWP WP Guidance"
• Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP)
• Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2
• Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc.
• Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories
• Ability to articulate qualified vs unqualified opinion; know all four types of opinions
• Learn Schellman's services and service line leaders
• Adhere to and complete all matters included in the Associate Score Card
• Accurately manage and report time worked to each project / initiative
• Complying with Schellman's code of ethics and professional conduct, methodologies, policies, and procedures
• Adhering to the professional and regulatory standards relevant to assigned service line specialization(s)
• Promoting Schellman's company culture and exemplifying Schellman's values
• Establishing high quality relationships and rapport with client personnel
• Managing client expectations to ensure expectations are exceeded
• Completing assigned duties in a timely manner and with a high attention to detail
• Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project
• Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks
• Escalating issues internally in a proper and timely manner
• Using discretion and decorum in the timing, form, and content of all client communications
• Booking travel reservations in a timely manner and in accordance with Schellman's travel and expense policies and procedures
• Performing the essential functions of other service delivery positions when qualified and called upon to do so
• Attending project kick-off and closing meetings
• Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable
• Drafting project deliverables
• Serving as a contact for clients' basic questions regarding an engagement
• Participating in recruiting and candidate interview activities
• Training project team members
• Acclimating newer team members to Schellman
• Contributing to Schellman's practice development efforts
• Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s)
• Contributing to Schellman's thought leadership (e.g., articles, webinars, public speaking, etc.)

Qualifications

• Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified
• 2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls
• Ability to work well independently, within a team and with clients as well as travel ~40-50% (M-Th)
• Maintains (preferred) or working towards obtaining least one certification relevant to Schellman's services (i.e. CPA, CCSK or CISA)

Knowledge, Skills, and Abilities:

• Working knowledge of Schellman's services, methodology, and relevant professional standards
• Requisite knowledge of applicable technology and security domains
• High level of attention to detail and quality of work product
• Client service oriented
• Excellent time management, organizational, and verbal and written communication skills
• Ability to work on-site or remotely as a valuable contributor to a collaborative team
• Capable of simultaneously managing assigned tasks for multiple projects
• Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman's service delivery applications
• Full understanding and application of ethics, independence and Schellman's values