IT AUDIT, SOX & SYSTEMS - SECURITY MANAGER/CONSULTANT POSITION SUMMARY As companies become increasingly dependent on information technology (IT) to conduct daily business activities, they need to control and secure their overall technology infrastructure. Grant Thornton's Business Risk Services (BRS) practice, part of Business Advisory Services (BAS), addresses these controls and security issues. BRS offers an opportunity for you to leverage your accounting, auditing, and IT experience to broaden your business and project management skills in a rewarding and challenging environment. BRS focuses on reviewing operational, financial, and technology processes to provide management with an independent assessment of business risk, internal control, and the overall effectiveness and efficiency of the process. ESSENTIAL DUTIES AND RESPONSIBILITIES: -Adhere to the highest degree of professional standards and strict client confidentiality. -Manage, direct, and monitor client services teams on multiple engagements; plan, execute, direct, and complete information systems audits, business process control reviews, and other service offerings in a wide variety of industries; and manage to budget. -Review operational, financial, and technology processes to provide management with an individual assessment of business risk, internal control, and the overall effectiveness and efficiency of the process. -Work closely with clients and staff to develop client and project risk assessments, implement opportunities, and recommendations regarding business and IT process optimization, profit improvement, internal control, and compliance. -Work with audit and assurance teams and the client to plan engagement strategy, define objectives, and address technology-related controls risks. -Work with management consulting teams to implement controls in new systems deployment. - Lead security risk and vulnerability assessments to identify client business risks. -Evaluate and test business processes and business controls and identify areas of risk. -Apply current knowledge of IT trends and IT systems processes to identify security engagement issues and risk management issues. -Lead engagements with performing general computer and application controls reviews. -Lead the preparation of Service Audit Reports (SAR) in compliance with SAS70. -Lead the development and implementation of Business Recovery and Continuity Plans. -Lead the performance of security and penetration studies. -Participate in internal auditing outsourcing and co-sourcing engagements for clients. -Maintain active communication with clients to manage expectations, ensure satisfaction, make sure deadlines are met, and lead change efforts effectively. -Consult, work with, and service client base to make recommendations on business and process improvement and serve as a business advisor to client. -Work closely with partners, managers, and staff to integrate practice development skills into a team approach to client service and new business development. -Recruit, retain, and coach senior associates and associates in developing and achieving goals and objectives for performance and professional development. QUALIFICATIONS AND REQUIREMENTS: -Bachelors degree in Accounting, Finance, or Information Technology. -Six to ten years of experience at a senior consultant level in a similar practice or function with a Big 4 firm, servicing cross-industry clients at a national level or experience in industry in Internal EDP Audit or Internal IT Audit. -Certification/license as CISA, CISSP, ISSAP, ISSAM, or CISM. NSA IAM is desired. CIA, CPA, PMP or CFE preferred. -Experience performing business-based risk assessments, external penetration tests, internal technical vulnerability tests, and security policy and practice development. -Ideal candidates have a demonstrated knowledge of vulnerability assessment tools (e.g., Internet Security Scanner) and methods. -Experience performing financial, operational, and system audits, as well as business process control reviews. Knowledge and experience related to IT audits and Information Technology operations. Knowledge and experience with numerous business cycles and multiple accounting software applications is desired. Sarbanes-Oxley Section 404 experience is a plus. -Areas of expertise should include at least some of the follow To Apply to this job go to http://www.GadBall.com or click here