Assurance Associate, Third Party Attestation
Job Summary : The Assurance Associate, Third Party Attestation will be responsible for the preparation of third-party attestation reports, including System and Organization Controls (SOC) 1, SOC 2, SOC 3, SOC for Cybersecurity and WebTrust for CAs, as well as HITRUST, SSPA, ISO, MRC and CSA STAR applying most areas of the governing standard as necessary and documenting, validating, testing, and assessing various control systems, including internal controls. Our TPA individuals specialize in these specific areas to understand the entire technology risk umbrella rather than maintaining overall knowledge in Information Technology General Control (ITGC) audit or IT audit.
Job Duties :
Applies knowledge and understanding of the collective effect of various factors on establishing or enhancing effectiveness, or mitigating the risks, of specific policies and procedures by :
Identifying and considering all applicable policies, laws, rules, and regulations of the firm, regulators, or other authoritative bodies as part of the engagement team
Making constructive suggestions to improve client internal control procedures
Documenting and validating the operating effectiveness of the clients' internal control system
Documenting business and IT processes and controls and testing key controls for service organizations in a variety of industries
Identifying and prioritizing key risks, and assessing their impact and likelihood of occurrence
Communicating to the client areas to improve processes, strengthen controls, mitigate risks, and / or increase efficiency
Developing and maintaining relationships with client personnel and management
Ensuring technology is appropriately integrated into the examination process
GAAS :
Applies knowledge and understanding of professional standards; application of the principles contained in professional standards; and the ability to document and communicate an understanding and application of professional standards on an engagement by :
Developing and applying an intermediate knowledge of auditing theory, a sense of audit skepticism, and the use of BDO audit manuals
Applying auditing theory to various client situations
Documenting working papers and attestation reports in line with BDO policy, identifying deviations and notifying more senior team members in order to obtain appropriate approvals
Applying knowledge to identify instances where testing may be reduced or expanded and notifying more senior team members of the occurrence
Contributing ideas / opinions to the engagement team
Methodology :
Applies knowledge and application of BDO standards to guide effective and efficient delivery of quality services and products by :
Completing all appropriate documentation of BDO work papers
Ensuring assigned work is performed in accordance with BDO methodology and requirements
Research :
Applies methodology used to seek or maintain information from authoritative sources and to draw conclusions regarding a target issue based on the information by :
Researching basic and intermediate topics and forming an initial opinion on the treatment independently
Training :
Attend professional development and training sessions on a regular basis
Complete required CPE hours to maintain applicable certifications
Qualifications, Knowledge, Skills and Abilities :
Education :
Bachelor's degree in Accounting, Computer Science, Management Information Systems, Finance, Economics, Business Administration, Managerial Marketing and Entrepreneurship with a concentration in any of the previous areas noted, required
Master's degree in Accounting, and minor or dual major in Information Systems or other relevant advanced degree, preferred
Experience :
Less than one (1) year of prior experience in IT, internal or external audit or relevant industry experience, required
Leadership experience, preferred
Experience performing SOC, WebTrust, HITRUST, SOX, ISO 27001 and security / privacy advisory engagements, preferred
Prior internship or experience working within a public accounting or internal auditing environment, preferred
License / Certifications :
One or more of the following certifications are preferred :
Certified Public Accountant (CPA)
Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
ISO 27001 Lead Auditor certification
HITRUST Certified Common Security Framework Professional (CCSFP)
Certified Internal Auditor (CIA)
Certified Information Security Manager (CISM)
Certified Ethical Hacker (C|EH)
Certified in Risk and Information Systems Control (CRISC)
Certified in the Governance of Enterprise IT (CGEIT)
Software :
Proficiency in Microsoft Office Suite, specifically Word, Excel, and PowerPoint, required
Other Preferred Knowledge, Skills & Abilities :
Strong written and verbal communication skills
Ability to follow instructions as directed
Ability to work effectively in a team setting
Ability to travel as necessary
Takes appropriate actions without being asked
Basic understanding of the planning and coordination stages of an audit preferred
Ability to successfully interact with professionals at all levels

Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate's qualifications, experience, skills, and geography.
California Range : $85,000 - $90,000
Colorado Range : $73,000 - $77,000
Illinois Range : $78,000 - $82,000
Maryland Range : $83,000 - $87,000
Massachusetts Range : $83,000 - $87,000
Minnesota Range : $70,000 - $74,000
New Jersey Range : $78,000 - $82,000
NYC / Long Island / Westchester Range : $83,000 - $87,000
Washington Range : $78,000 - $80,000
Washington DC Range : $83,000 - $87,000