PwC - Manager - Internal Audit - SOC Audit

PwC-Internal Audit_SOC Audit-Manager

Job Description:

Main purpose of the job and key background information:

- As a Manager, you'll work as part of a team of problem solvers with extensive consulting and industry experience, helping our clients solve their complex business issues from strategy to execution. Specific responsibilities include but are not limited to:

- Proactively assist in the management of a portfolio of clients, while reporting to Senior Managers and above

- Develop project strategies to solve complex technical challenges for our clients

- Manage and deliver projects by developing the project team, assessing engagement risks throughout, driving conclusions, and reviewing / challenging the output produced by the team

- Shape and deliver projects to meet and exceed the expectations of our clients and our own quality criteria

- Train, coach, and supervise team members

- Continue to develop internal relationships and develop your PwC brand.

The PwC Internal Audit (IA) team is responsible for providing independent, objective assurance and consulting services designed to add value, minimize risk and improve operations. IA assists the Firm in accomplishing its strategic objectives by bringing a systematic and disciplined approach to the evaluation and improvement of processes focused on internal operations and risk management, financial controls and compliance, information systems, and governance processes.

Requirements :

These should include essential and desirable requirements such as:

- Level of experience

- Education/qualifications

- Industry experience

- Technical capability

- Sales/BD capability

- Metrics

- Key personal attributes

- Consulting experience

Minimum years of experience: 5+ year(s) of external/ internal audit experience (big four experience is preferred)

Minimum Degree Required: Bachelors or Masters Degree in Accounting, Management Information Systems, Computer Science , Engineering or business related field

Preferred Certifications: CISA, CISM, CISSP, CA and/or CIA.

Preferred Knowledge/ skills:

Demonstrates mastery and/or a proven record of success in the following areas:

- Control standards and requirements in accordance with ISO 27001 and the AICPA Trust Services Categories, as well as corresponding control testing strategies;

- Public accounting practices and internal audit processes, including, technology and tools for planning testing and reporting;

- Crafting Service Organization Control (SOC) and/or ISO 27001 reporting;

- Security and controls for various on-premise and cloud-based technologies;

- Auditing standards and controls frameworks (e.g., SOX, COSO, GAAP, SOC 1/2);

- Internal control principles and technical knowledge, including Application Controls and IT General Controls concepts in the areas of system development, change management, computer operations and access to programs and data;

- Identifying and assessing business process controls and linkage to IT systems;

- Developing and/or supervising the execution of detailed audit work plans for the IT audit component of the IA team through resource allocation, stakeholder coordination and quality review;

- Managing the identification of key risks and controls, including evaluation of control design;

- Managing the evaluation of operational effectiveness of IT System Controls, utilizing appropriate testing techniques and professional skepticism;

- Driving IT security fundamentals across multiple domains including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, investigations and ethics, etc;

- Reviewing testing activities for compliance and third-party attestation projects, such as SOC, ISO, Hitrust;

- Providing regular status reports to IA management and internal clients/stakeholders, when necessary, to keep relevant parties informed of progress and potential issues;

- Demonstrating agility and working across a range of different subjects and internal audit projects, clients and initiatives;

- Assessing audit results, translating findings into level of risk, to produce meaningful insights and recommendations;

- Communicating risk findings, verbally and written, to clients in a pragmatic and helpful manner;

- Driving follow up and remediation of reported issues in a timely manner;

- Building meaningful relationships with clients through client engagements and networking;

- Managing and delivering against deadlines while working on multiple projects;

- Participating in hiring activities, coaching/developing staff, development/delivery of training; and

- Applying professional skepticism skills.

Additional Information : Flexible work hours may be required to align with US working hours as needed.