Security Specialist, Managed Risk (IT Audit)

We Are
Accenture Security helps organizations prepare, protect, detect, respond, and recover along all points of the security lifecycle. Cybersecurity challenges are different for every business in every industry. Leveraging our global resources and advanced technologies, we create integrated, turnkey solutions tailored to our clients’ needs across their entire value chain. Whether we’re defending against known cyberattacks, detecting and responding to the unknown, or running an entire security operations center, we will help companies build cyber resilience to grow with confidence. Our team of the security sector’s brightest people use the coolest tech to out-hack the hackers and help clients build resilience from within. We blend risk strategy, digital identity, cyber defense, application security and managed service solutions to rethink the entire security lifecycle.

You Are
Proven success in contributing to a team-oriented environment
Proven ability to work creatively and analytically in a problem-solving environment
Desire to work in a fast paced and highly collaborative environment
Excellent leadership, communication (written and oral) and interpersonal skills
Can apply deep security skills to design, build and protect enterprise systems, applications, data, assets and people for Accenture and our clients.

The Work (Role Responsibility)
Although no two days at Accenture are the same, your duties as Security Delivery Specialist within Managed Risk will likely include:

1. Participate in the full delivery of various cyber risk and security engagements.
2. Consult to gather requirements and understand our clients' key challenges and work with senior team members to advise on practical and cost-effective solutions to help mitigate our clients’ cybersecurity risks and challenges.
3. Conduct information security risk assessments, including risk/issue intake/identification, triage and treatment plan preparation and tracking in accordance to our client Information Security and Compliance Frameworks as well as regulatory standards and requirements (i.e. SOX, PCI, ISO, SOC2, NPCI).
4. Help manage payments compliance (i.e. PCI) for various payments platforms.
5. Manage risk across multiple layers of the technology architecture stack.
6. Hands-on participation in the people, process and technology aspects of a broad range of engagements including implementation and operation of security strategies and solutions. Focus will be on transition, transform and run efforts to enable our clients as part of a managed service.
7. Work alongside seasoned subject matter experts to build your knowledge and expertise.
8. Coordinate expectations between internal team members and external stakeholders to contribute to the successful delivery of the project.
9. Bring risk and controls testing expertise for IT controls.
10. Perform IT control assessments/testing and assist with continuous monitoring activities, and help remediate any control deficiencies or findings.
11. Prepare control testing scripts, plans, agendas to help the client through test execution process.
12. Help plan and manage audits and assessments, including meeting with internal stakeholders to prepare, coordinating walkthroughs, providing evidence to external auditors, and responding to findings and recommendations.
13. Document testing working papers with evidence and discussions through observation/inquiry with various client stakeholders.
14. Assist with ongoing IT controls related functions, such as performing vendor reviews, user access reviews and risk assessments.
15. Drive key meetings with client stakeholders.
16. Provide test execution status and complete executive reporting.
17. Provide detailed analysis of test execution status by phase.
18. Articulate and defend IT controls testing approach and perform test of design and operating effectiveness.
19. Test IT controls across multiple security and compliance domains including but not limited to access controls, change management, configuration management, disaster recovery and business continuity, and security and IT operations.
20. Establish and maintain effective working relationships with colleagues, existing clients, and prospective client organizations.
21. Engage in and contribute to the innovation, growth and enhancement of Accenture Security services.
22. Participate in relevant community events that align to personal interests and provide the opportunity for you to build your professional brand.

Here’s What You Need (Basic Qualifications)
• Minimum of 3 years of experience testing IT security controls
• Minimum of 3 years of experience preparing control testing scripts, plans and agendas to help the client through test execution process
• Minimum 2 years’ experience creating technical documentation.

Bonus Points If (Preferred Skills)
• One or more of professional designations such as CISA, CISM, CRISC, CISSP preferred
• PCI compliance testing
• Experience working for the Big 4 or a global SI is highly desired.

Professional Skill Requirements:
• Eagerness to contribute in a team-oriented environment
• Ability to work creatively and analytically in a problem-solving environment
• Good communication (written and oral) and interpersonal skills
• Good organizational, multi-tasking, and time-management skills
• Demonstrated leadership, teamwork and collaboration in professional setting; either military or civilian.

Compensation at Accenture varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Accenture provides a reasonable range of compensation, based on full-time employment, for roles that may be hired in British Columbia as set forth below.

Role Location Annual Salary Range

British Columbia $61,800 to $167,000