Senior Consultant, IT Audit & Technology Risk Advisory

Own Your Career  

We deliver unparalleled opportunities to drive your career advancement and we have a rewarding employee culture to support it.    

Now is the time to truly own your career and deliver real value to some of the world’s most valuable Fortune 100 brands, growth companies transforming their industries, and mid-market firms that need help navigating the defining moments of their lifecycle. Be a part of a collaborative organization with a commitment to learning. Work side by side with business leaders to solve complex client challenges. Discover opportunities to participate in an inclusive and diverse workforce. Collaborate with our Women’s Initiative, explore issues surrounding Diversity & Inclusion with our IDEAS committee, or help to shape our employee experience with our Employee Engagement Committee!  

The Team: Risk & Regulatory – IT Audit and Technology Risk 

Our team is comprised of a powerful mix of seasoned professionals with public accounting experience and IT professionals with deep expertise in a broad range of services and industries. We take a comprehensive approach to help clients navigate through internal audit, risk, and compliance activities. We work as a broader team to address a wide range of business needs across the organization.  

Your Impact 

• Work with emerging growth companies and established enterprises (both publicly traded and privately held) on a wide variety of projects including SOX readiness and compliance, internal audit, and ERM. 
• Support information systems engagements and IT controls assessments from beginning to end, including planning, execution, reporting, and supervision of Consultants. 
• Apply current knowledge of IT trends, techniques, and risks to identify security and risk management improvement opportunities to enhance value to our clients. 
• Identify internal controls issues within our clients’ IT environments and develop gap analyses. 
• Develop understanding of core IT processes and look for opportunities to help IT management in gaining process efficiencies and control optimization. 
• Summarize and document results of work performed including management reporting. 
• Educate internal and external audiences on technology risk and control best practices. 
• Understand the breadth of services offered by Risk & Regulatory, as well as MorganFranklin holistically, to be able to identify additional opportunities at our clients. 
• Establish credibility as a trusted advisor. 
• Support the Risk & Regulatory practice to achieve key goals and initiatives. 

Your Experience 

Minimum Qualifications 

• Bachelor’s degree in Management Information Systems, Computer Science, Accounting, Business Administration or related field 
• 2+ years of professional services experience and/or relevant industry IT Audit or information security  
• Knowledge of IT controls and governance frameworks such as COBIT, NIST SP 800-53, ISO 27001/2 
• Knowledge of the Sarbanes-Oxley Act, as well as experience executing Sarbanes-Oxley Compliance activities over IT general computer controls, including process and controls documentation, assessing control design, and executing testing control operating effectiveness 
• Strong foundational knowledge of infrastructure and platforms components such as Windows, Linux, Unix, Active Directory, SQL, MySQL, Oracle 
• Strong understanding of the key domains of IT general controls (change management, access to programs and data, computer operations and systems development), as well as IT dependencies (segregation of duties, automated controls, key reports and interfaces) 

Preferred Qualifications 

• Master’s degree or MBA 
• CISA, CISSP, or other applicable certification 
• Familiarity with the audit and control of common Enterprise Resource Planning (ERP) and accounting systems (i.e., Oracle, SAP, PeopleSoft, JD Edwards, Workday, NetSuite, Microsoft Dynamics 365) 
• Knowledge of IT leading practices to provide clients effective and practical recommendations 
• Demonstrated knowledge of internal controls, business processes, internal audit functions, accounting/audit practices, procedures and/or reporting standards 
• Experience with performing platform security assessments or cyber security 
• Flexibility for at least 25% travel