Search jobs > Boston, MA > Assurance manager

Assurance Manager, Third Party Attestation

BDO
Boston, MA, United States
$125K-$160K a year
Full-time

Job Summary :

The Assurance Manager, Third Party Attestation is responsible for leading a team of audit professionals in the planning, fieldwork, and wrap-up phases of third-party attestation reports.

This role focuses on various types of reports, including System and Organization Controls (SOC) 1, SOC 2, SOC 3, SOC for Cybersecurity, WebTrust for CAs, HITRUST, SSPA, ISO, MRC, and CSA STAR.

The Assurance Manager ensures compliance with the relevant governing standards and regulations while documenting, validating, testing, and assessing control systems, including internal controls.

The team specializes in these specific areas of third-party attestation reports to understand the entire technology risk umbrella rather than maintaining overall knowledge in Information Technology General Control (ITGC) audit or IT audit.

Job Duties :

Control Environment :

  • Applies knowledge and understanding of governing principles, applying these principles to clients and documenting and communicating an understanding and application of these principles by :
  • Identifying and considering all applicable policies, laws, rules, and regulations of the firm, regulators, or other authoritative bodies as part of engagement team
  • Applying a broad understanding of objectives and components of the overall control environment, organization and supervisory controls
  • Overseeing planning and executing attestation examinations, including obtaining an understanding of the control environment, designing test plans, evaluating deficiencies and assessing the overall control environment
  • Identifying and prioritizing key risks, and assesses their impact and likeliness of occurrence
  • Overseeing the documenting and validating of the operating effectiveness of the clients’ internal control system
  • Overseeing the documenting of business and IT processes and controls and tests key controls for service organizations in a variety of industries
  • Reviewing client attestation reports, ensuring accuracy, completeness and all supporting information is documented in the work papers and through appropriate testing
  • Identifying, analyzing and discussing alternative principles with engagement leadership and client, as needed

GAAS :

  • Applies knowledge and understanding of professional standards, application of the principles contained in professional standards and the ability to document and communicate an understanding and application of professional standards on an engagement by :
  • Developing and applying an advanced knowledge of auditing theory, a sense of audit skepticism and the use of BDO audit manuals in performing and supervising work
  • Applying auditing theory to various client situations
  • Documenting workpapers and attestation reports in line with BDO policy, identifying deviations and notifying the engagement partner in order to obtain appropriate approvals
  • Applying knowledge to identify instances where testing may be reduced or expanded, and notifying the engagement partner of the occurrence
  • Contributing ideas and opinions to the engagement team

Engagement Management :

  • Serves as primary client contact for all questions and issues
  • Develops and maintains relationships with client personnel and management
  • Supervises the work of the engagement team, and reviews workpapers and conclusions, preferably onsite, during fieldwork
  • Identifies and delegates functions of the engagement to the auditor in charge, as deemed appropriate
  • Provides on the job training to less experienced team members
  • Identifies complex issues, and brings them to a resolution with client and leadership
  • Identifies and communicates suggestions to improve client internal controls and procedures to management and / or audit committee
  • Drafts attestation reports, and effectively communicates contents to client
  • Recognizes and applies new pronouncements to client situations
  • Ensures technology is appropriately integrated into the examination process

Methodology :

  • Applies knowledge and application of BDO standards to guide effective and efficient delivery of quality services and products by :
  • Ensuring completion of all appropriate documentation in BDO workpapers
  • Conducting a detailed review to assure audit is completed in accordance with assurance manual standards
  • Preparing and / or reviewing required communications to management and audit committees, ensuring timeliness and completeness
  • Recommending appropriate outcomes to critical issues
  • Initiating and preparing client acceptance / retention procedures, where appropriate
  • Planning the audit process, and overseeing the execution of procedures with quality, efficiency and completeness despite pressures of deadlines
  • Executing proper BDO methodology, including but not limited to proper archiving procedures
  • Ensuring all work is performed in accordance with BDO methodology and requirements

Research :

  • Applies methodology used to seek or maintain information from authoritative sources and to draw conclusions regarding a target issue based on the information by :
  • Researching complex topics and forming an opinion on the treatment independently
  • Applying a comprehensive knowledge of all appropriate research tools, and drawing conclusions based upon appropriate research
  • Preparing memos supporting research and conclusions, and consulting with others, if appropriate
  • Presenting issues to technical reviewers effectively and accurately
  • Other duties as required

Supervisory Responsibilities :

  • Oversees supervision of Associates and Senior Associates on all projects
  • Schedules and manages the workload of Associates and Senior Associates
  • Reviews work prepared by Associates and Senior Associates, and provides review comments
  • Provides verbal and written performance feedback to Associates and Senior Associates
  • Provides on the job learning to Associates and Senior Associates
  • Acts as a Career Advisor to Associates and Senior Associates

Qualifications, Knowledge, Skills and Abilities :

Education :

  • Bachelor’s degree in Accounting, Computer Science, Management Information Systems, Business Administration, Managerial Marketing and Entrepreneurship, Finance or Economics, required
  • Master’s degree in Accounting and minor or dual major in Information Systems or other relevant advanced degree, preferred

Experience :

  • More than five (5) years of prior experience in IT, internal or external audit, required
  • Supervisory experience, required
  • Experience performing SOC, WebTrust, HITRUST, SOX, ISO 27001 and security / privacy advisory engagements, preferred

License / Certifications

  • One or more of the following certifications are required :
  • Certified Public Accountant (CPA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • ISO 27001 Lead Auditor certification
  • HITRUST Certified Common Security Framework Professional (CCSFP)
  • Certified Internal Auditor (CIA)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (C EH)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified in the Governance of Enterprise IT (CGEIT)

Software

  • Proficient in the use of Microsoft Office Suite, specifically Word, Excel and PowerPoint, preferred
  • Prior experience with various applications (., ERP systems), operating systems (., UNIX, Windows); and databases (., Oracle, SQL), preferred
  • Exposure to cloud platforms, SaaS applications, security and engineering tools, and other industry software, preferred

Other Knowledge, Skills & Abilities :

  • Excellent understanding and experience planning and coordinating the stages to perform technology-focused audits and assessments
  • Strong knowledge of internal controls and professional standards and regulations (SOC, ISO, WebTrust, HITRUST, Sarbanes-Oxley,
  • Knowledge of data analytics and emerging technologies, preferred
  • Strong analytical and diagnostic skills with the ability to break down complex issues and implement appropriate resolutions
  • Ability to successfully multi-task while working independently and within a group environment
  • Ability to work in a demanding, deadline driven environment with a focus on details and accuracy
  • Strong project management skills with the ability to manage multiple projects simultaneously
  • Able to effectively manage a team of professionals and delegate work assignments
  • Ability to encourage a team environment on engagements, and contribute to the professional development of assigned personnel
  • Build and maintain strong relationships with client personnel
  • Executive presence and ability to act as primary contact on assigned engagements
  • Strong verbal and written communication skills with the ability to adapt style and messaging to effectively communicate with professionals at all levels both within the client organization and the firm
  • Ability to travel as necessary

Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate’s qualifications, experience, skills, and geography.

California Range : $125,000 - $160,000

Colorado Range : $110,000 - $150,000

NYC / Long Island / Westchester Range : $110,000 - $150,000

Washington Range : $120,000 - $160,000

30+ days ago
Related jobs
Promoted
Needham Bank
Wellesley, Massachusetts

The position will provide oversight and review of the Company's Third-Party Risk Management (TPRM) program, ensuring all third-party relationships are properly assessed, managed, and monitored throughout the third party's lifecycle. Third-Party Risk Oversight Manager. The Third-Party Risk Manager is...

Promoted
Needham Bank
Wellesley, Massachusetts

The position will provide oversight and review of the Company's Third-Party Risk Management (TPRM) program, ensuring all third-party relationships are properly assessed, managed, and monitored throughout the third party's lifecycle. The Third-Party Risk Manager is a key second line function ...

BDO
Boston, Massachusetts

The Assurance Manager, Third Party Attestation is responsible for leading a team of audit professionals in the planning, fieldwork, and wrap-up phases of third-party attestation reports. The team specializes in these specific areas of third-party attestation reports to understand the entire technolo...

BDO
Boston, Massachusetts

The Assurance Senior, Third Party Attestation will be responsible for the preparation of third-party attestation reports, including System and Organization Controls (SOC) 1, SOC 2, SOC 3, SOC for Cybersecurity and WebTrust for CAs, as well as HITRUST, SSPA, ISO, MRC and CSA STAR applying most areas ...

Promoted
Cognizant Technology Solutions
Boston, Massachusetts

Test Program Manager - Life Science. Act as the primary liaison between QA, regulatory, and business teams, providing regular updates on testing progress & outcomes. Cross-Functional Collaboration: Demonstrated success in working with diverse teams, including QA, regulatory, and business stakeholder...

Promoted
Berkshire Hathaway Specialty Insurance
Boston, Massachusetts

In this role, you will actively engage and work with offshore-based consulting partners in executing our quality assurance policy and claims activities. We have an exciting, entry-level opportunity to join our Boston office as an Associate QA Analyst within the IT team. The Associate QA Analyst is e...

Promoted
Bowman Consulting
Boston, Massachusetts

Provide mentorship through counsel, guidance, and knowledge to junior staff as a key component to the development of future Project and Senior Project Managers. Manage projects or direction of transportation tasks on projects and monitor project progress for technical accuracy and adherence to sched...

Promoted
Takeda
Boston, Massachusetts

Establish and maintain productive relationships with Takeda Global Quality and R&D Quality Compliance & Systems personnel to represent CT/CTQ in Quality e-system improvement projects, system configuration changes and associated activities applicable to frequently used modules (e. Principal M...

Promoted
Moderna, Inc.
Norwood, Massachusetts

In this role, you will be responsible for performing multiple activities in support of Modernas cGMP Quality Control (QC) Laboratories; maintaining the QC site execution schedule, at a daily and shift level, for all resources to ensure on-time, in-full delivery of results to support lots release and...

Promoted
Lantheus
Bedford, Massachusetts

We are seeking a quality manager to proactively support Chemistry, Manufacturing & Controls (CMC) aspects for the PET Supplier Quality Team. Other job responsibilities include supporting the PET Supplier Quality team with auditing, data collection, and QMS activities. Actively demonstrate the Lanthe...