Associate Director - Technology Risk Advisory

Primary responsibilities

- Manage high quality client service along with engagement risk and project economics including planning and budgeting, define deliverable content, ensure buy-in of proposed solutions from top management levels at the client.

- Plan and execute activities related to the assessing, designing, and implementation new IT risk and control frameworks, sustainable solutions (including applying knowledge of governance, risk, and compliance tools), operating processes, and people models to address key and evolving risks, as necessary.

- Review the work performed by team on test of design, operating effectiveness, accuracy, and completeness of IT General Control, IT Application Controls (Configurable, Non-configurable), Interfaces, IPE's, and Data Migration in ERP Platform for the support of financial statement audits per the SOX/ICFR, risk based internal audit, ERP Implementation, and/or as part of the integrated audit per any other applicable statute

- Prepare and/or assist the team member in the process narrative, process flowchart, policy and procedure document, risk control matrix (RCM), and the assurance task for the testing.

- Identify and remediate control and performance gaps, implementing/suggesting leading industry practices, reduce risks by adding adequate controls, and cutting company operational costs through innovative IT management techniques.

- Perform and assist the team member in the SOC Readiness Assessments to assist a service organization in assessing its preparedness for the SOC engagement.

- Assist organizations in the identification and management of information security risks by assessing the current state, prioritizing improvements, and conducting projects to reduce risk and improve regulatory compliance.

- Draft comprehensive executive summaries and final reports for delivery to the stakeholder and document and review engagement workpapers in accordance with common industry practice for the client engagements.

- Lead the closure meeting with client to discuss about the noted observation and management action plan.

- Supervise team members on engagements by providing task assignments, ongoing oversight, feedback, and development opportunities.

Qualifications, skills and experience

- Relevant professional qualifications such as CA/ CPA/ ACCA/ MBA/ B.E./ B.Tech/ MCA/ MS

- 9+ years of work experience in a Big4/multinational corporate environment/mid or top-tier accounting firm

- Industry certifications such as CISA, CISM, CISSP or CRISC (or similar) preferred.

- Excellent written and oral communication skills e.g. presentation to top management and report writing

- Experience with leading and executing readiness assessment to implement the IT-related procedures and sustainability assessments to evaluate and enhance the IT General Control & IT Application Control in support of financial statement audits per the SOX/ICFR, risk based internal audit, and/or as part of the integrated audit per any other applicable statute

- Experience with leading and executing SSAE 18 Engagement will be an advantage (Third Party Reporting e,g, SOC 1, SOC 2, and SOC 3)

- Good understanding of industry standards and frameworks such as SOX/ ICFR, COSO, COBIT, SSAE 18, ITIL ISO 27001, and/or GDPR

- Strong leadership and communication skills along with the technical knowledge of IT Application such as Window, Unix, Oracle, SAP, and/or NetSuite along with SQL

- Ability to draft comprehensive report stating about the findings and recommendations to the clients and senior team management.