Accenture - Information Security Specialist (5-7 yrs)
Internal Audit is a part of finance organization and reports into the Audit Committee of Accenture's Board of Directors. Internal Audit's primary mission is to provide the Audit Committee of the Board of Directors with an independent and objective assessment of the reliability and integrity of financial and select operating information, the effectiveness and efficiency of systems and controls, and compliance with policies and procedures.
IA also provides advisory services designed to add value and improve operations through bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, controls, operations, and governance processes.
Good to have: CISA, CISM, ISO27001 or CISSP certification. Experience in Big 4, or working in a global Internal Audit function, or Cyber security experience.
- Responsible for the detailed execution of the audit assigned areas and communication of specific elements of the risk-based work plan including Accenture management and Audit Committee special project requests
- Perform audit projects in accordance with Accenture's audit methodology and the Institute of Internal Auditors' (IIA) international standards for the Professional Practice of Internal Auditing, focusing on projects that involve information technology global processes and controls, and computerized information systems.
- Perform activities that include planning and developing audit work programs, executing audit test procedures, identifying recommendations for continuous improvement, communicating results, and following up on issues reported.
- Prepare audit reports and work papers to ensure adequate documentation exists to support the completed audit and conclusions
- Verify the adequacy of information technology (IT) operating procedures of the company through a systematic program of audits
- Assist in development of the company's annual audit plan; schedule and plan audits
- Conduct IT integrated audits with operational, compliance, financial, and investigative audit teams, as assigned
- Conduct IT advisory services projects to provide additional value-add services including things such as risk and control recommendations, benefit realization assessments, etc.
- Includes review of IT General Controls, Infrastructure hosting, SDLC, Quality assurance including review of segregation of duties procedures, BCP/DR, Incident/Problem, Change, Server and Network Configuration controls, Vulnerability and Patch management procedures, Asset Management, Server Backup and restorations procedures, emerging technologies (e.g. Artificial Intelligence (AI), IoT, RPA, Wireless etc.), Corporate Policies, Standards, Compliance reviews and other global operational control reviews.
- As appropriate, identify opportunities for continuous improvement of information technology, accounting.