IT Internal Audit and Technology Risk Services - Manager
CohnReznick

As CohnReznick grows, so do our career opportunities. As one of the nation's top Professional Services and Business Advisory firms, we foster teams in Advisory, Assurance, and Tax services that value innovation and collaboration in everything they do!

YOUR TEAM.

We currently have an exciting career opportunity for an IT Internal Audit Manager to join our Cybersecurity, Technology Risk, and Privacy team.

CohnReznick is a hybrid firm meaning most of our professionals are located within a commutable distance to one of our offices. This is a hybrid position. Hybrid employees are expected to alternate time between both remote and office. At CohnReznick, we believe in creating the conditions in which everyone can do their best work, collaborate, learn, and build community. This results in our ability to create opportunities for our people, make a difference for our clients, and strengthen our internal and external communities.

Our Cybersecurity, Technology Risk & Privacy (CTRP) team helps organizations develop customized, strategic, business-oriented cybersecurity, technology risk management, and privacy programs using the latest tools and processes needed to conduct threat detection, IT risk analysis, risk mitigation, breach response and comply with regulations. Join a diverse team of fun-loving, energetic professionals with decades of experience managing security, technology, and privacy risks in nearly every industry sector who have a passion for creating tailored solutions that go beyond technology offerings or tools and help clients reduce cost of compliance while mitigating risks.

WHY COHNREZNICK?

At CohnReznick, we're united by a common mission to create opportunity, value, and trust for our clients, our people, and our communities. Whether it's working alongside your peers to solve a client challenge, or volunteering together at the local food bank, there are so many ways to find your "why" at the firm.

We believe it's important to balance work with everyday life - and make time for enjoyment and fun. We invest in a robust Total Rewards package that includes everything from generous PTO, a flexible work environment, expanded parental leave, extensive learning & development, and even paid time off for employees to volunteer.

YOUR ROLE.

Responsibilities include but not limited to:

• Assess technology, cybersecurity, and privacy risks and provide value-added advisory services aligned with the clients' strategies and enterprise risk profiles.
• Evaluate client IT environments including IT systems, processes, risk, and controls to ensure compliance with prevailing standards, laws and regulations.
• Assess clients' IT governance frameworks and controls to identify weaknesses in IT process, systems and infrastructure and help ensure operational effectiveness and efficiency.
• Work with clients in a broad array of industries including banking, financial services, information technology, not-for-profit, government contracting, life sciences, manufacturing, etc.
• Assess and facilitate clients' compliance with laws, regulations, and industry standards such as Sarbanes-Oxley (SOX), NIST, FFIEC, NYDFS, FISCAM, FISMA, SSAE/SOC, Cloud Security Framework, FedRAMP, OMB A-123, COBIT, ISO27001, etc.
• Understand clients' organizations and provide pragmatic, value-added solutions and best practices.
• Conclude on the business impact to the organization as it relates to identified cybersecurity, technology, and/or privacy risks.
• Prepare formal written reports for senior management and audit committees and provide recommendations to strengthen and improve operations, risk mitigation, and compliance.
• Maintain knowledge of emerging IT risks and trends to ensure audit procedures and processes remain up to date.
• Plan, manage, and execute simultaneous complex engagements, maintain quality standards, and proactively manage client issues and expectations.
• Lead and supervise teams of professionals to ensure timely and effective completion of projects and balance client needs with profitability.
• Handle day-to-day practice and client administrative matters (performance reviews, staffing, budget-to-actuals monitoring, etc.)
• Undertake other special technology risk and cybersecurity projects as requested by the clients based on the mission, objectives, and risks of the clients.
• Identify areas for risk transformation and automation to assist clients with reducing the cost of compliance, and consider data analytics, RPA, and/or AI to promote efficiency.
• Develop and maintain relationships with key client stakeholders, including senior management and outside audit firms.
• Participate in business development activities such as professional networking, proposal development, etc.
• Recruit, manage, develop, train, coach and mentor staff on projects and assess performance for engagement and year-end reviews.
• Other related duties assigned as needed.

YOUR EXPERIENCE.

The successful candidate will have:

• A minimum of 7 years of experience in IT internal audit, technology risk, and cybersecurity
• Background and understanding of the risks and controls in technologies such as cloud, client/server, operating systems, databases, data warehousing, identity and access management, and IT infrastructure.
• Experience managing teams of various sizes across geographical boundaries.
• Must be able to collaborate and work in a matrixed, hybrid team environment leveraging technology from the field.
• Bachelor's degree or higher in Information Systems, Computer Science, Cybersecurity, Engineering, Internal Auditor or another related field
• At least one certification for CISA, CISSP, CRISC, CISM, CIA, or other applicable professional certifications.
• Exceptional oral and written communication skills
• Strong time management skills, with demonstrated ability to work a flexible schedule during key business deadlines.
• Ability to thrive in a dynamic, constantly changing environment.
• Proactive, self-directed, detail-oriented, with the ability to work in a fast-paced environment.
• Experience with Workiva, Audit Board, or other GRC or internal audit software is a plus.
• Ability to travel domestically and internationally for 2-to-3-week periods up to 50% of the year.

Studies have shown that we are less likely to apply to jobs unless we meet every single qualification. At CohnReznick, we are dedicated to building a diverse, equitable, and inclusive workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or one of our other roles.

CohnReznick is an equal opportunity employer, committed to a diverse and inclusive team to drive business results and create a better future every day for our team members, clients, partners, and communities. We believe a diverse workforce allows us to match our growth ambitions and drive inclusion across the business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. For more information, please see Equal Employment Opportunity Posters

If you are an individual with a disability in need of assistance at any time during our recruitment process, please contact us at CRaccommodation@CohnReznick.com Please note: This email address is reserved for individuals with disabilities in need of assistance and are not a means of inquiry about positions or application statuses.

CohnReznick does not accept unsolicited resumes from third-party recruiters unless such recruiters are currently engaged by CohnReznick Talent Acquisition Team by way of a written agreement to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that CohnReznick will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.

#GD #CB #LI-Remote

/*generated inline style */

---