IT Risk - Consultant

CFGI consultants work as part of a team with other CFGI professionals, its clients and their external auditors (or other professional service firms) on a variety of facets of the engagements, such as IT Internal Audit, SOX implementation and testing, attestation/certification readiness work, business process improvement projects, compliance and other assessments.

1. Performing IT controls testing, creating process narratives, flow charts or undertaking procedures for other types of assessments
2. Drafting engagement scope, project plans, risk assessments, testing approach and specific procedures
3. Analysing IT information
4. Interviewing client contacts
5. Identifying areas for improvement and value-add
6. Developing relationships with client contacts
7. Assisting with managing engagement economics

Furthermore, all team members, from the Consultant level and up, build their skills by assisting the Firm's leadership with internal responsibilities for training, internal projects, and the continual improvement of the Risk Advisory team.

1. Strong progress towards obtaining official certification for CISA, CIA or other standard auditing certification will be considered in lieu of university degree
2. Three to Five years of experience in public accounting and/or industry performing IT audit, systems implementations, or Information Security
3. Excellent interpersonal, written and oral communication skills, and ability to assimilate easily into teams
4. Strong technical skills and a working knowledge of SOX IT General Controls, COSO, SOC 1, and SOC 2
5. Awareness of ISO 27001, NIST standards, HIPAA, FAIR, and other relevant standards
6. Effective analytical and critical thinking abilities
7. Entrepreneurial nature, self-motivated, ethical, and dependable
8. Strong project management skills
9. High energy with a commitment to quality client service
10. Very strong performance within a team dynamic