
Experienced Senior SOC & IT Auditor, Third Party Attestation - Cloud, Privacy and Security

BDO
San Jose, CA, United States
$87K-$130K a year
Full-time

Job Summary :

The Assurance Experienced Senior, Third Party Attestation will be responsible for the preparation of third-party attestation reports, including System and Organization Controls (SOC) 1, SOC 2, SOC 3, SOC for Cybersecurity and WebTrust for CAs, as well as HITRUST, SSPA, ISO, MRC and CSA STAR applying most areas of the governing standard as necessary and documenting, validating, testing, and assessing various control systems, including internal controls.

Our TPA individuals specialize in these specific areas to understand the entire technology risk umbrella rather than maintaining overall knowledge in Information Technology General Control (ITGC) audit or IT audit.

Job Duties :

Control Environment

Applies knowledge and understanding of the collective effect of various factors on establishing or enhancing effectiveness, or mitigating the risks, of specific policies and procedures by :

  • Identifying and considering all applicable policies, laws, rules, and regulations of the firm, regulators, or other authoritative bodies as part of engagement team;
  • Making constructive suggestions to improve client internal controls and accounting procedures;
  • Documenting and validating the operating effectiveness of the clients’ internal control system;
  • Supervising and reviewing the work of staff;
  • Documenting business and IT processes and controls and testing key controls for service organizations in a variety of industries;
  • Identifying and prioritizing key risks, and assessing their impact and likelihood of occurrence;
  • Communicating to the client areas to improve processes, strengthen controls, mitigate risks, and / or increase efficiency;
  • Developing and maintaining relationships with client personnel and management; and
  • Ensuring technology is appropriately integrated into the examination process

GAAS

Applies knowledge and understanding of professional standards; application of the principles contained in professional standards; and the ability to document and communicate an understanding and application of professional standards on an engagement by :

  • Developing and applying an intermediate knowledge of auditing theory, a sense of audit skepticism, and the use of BDO audit manuals;
  • Applying auditing theory to various client situations;
  • Documenting working papers and attestation reports in line with BDO policy, identifying deviations and notifying more senior team members in order to obtain appropriate approvals;
  • Applying knowledge to identify instances where testing may be reduced or expanded and notifying more senior team members of the occurrence; and
  • Contributing ideas and opinions to the engagement team

Other

Applies knowledge and understanding of governing principles; applying these principles to client transactions; and documenting and communicating an understanding and application of these principles by :

  • Planning and executing attestation examinations including obtaining an understanding of the control environment, designing test plans, evaluating deficiencies and assessing the overall financial reporting control environment;
  • Reading and reviewing clients’ reports, ensuring accuracy and completeness, and also ensuring that all supporting information is documented in the work papers and through appropriate testing;
  • Preparing required communications to the Client and the Audit Committee, as applicable;
  • Recognizing and applying new pronouncements to client situations;
  • Identifying, analyzing and discussing alternative principles with the Manager, Senior Manager and engagement partner and the client, as needed;
  • Identifying complex issues and bringing them to the attention of superiors for resolution;
  • Coaching less experienced team members in new areas

Methodology

Applies knowledge and application of BDO standards to guide effective and efficient delivery of quality services and products by :

  • Completing all appropriate documentation of BDO work papers; and
  • Ensuring assigned work is performed in accordance with BDO methodology and requirements

Research

Applies methodology used to seek or maintain information from authoritative sources and to draw conclusions regarding a target issue based on the information by : Researching basic and intermediate accounting topics and forming an initial opinion on the treatment independently

Project Management

  • Coordinate timing of planning, fieldwork, and review with audit team and client and assist engagement executives in developing the audit engagement budget and identifying appropriate resources
  • Develop the draft audit engagement planning documents, audit programs and budgets
  • Establish with the engagement manager the responsibilities of individual audit staff for specific areas of audit work
  • Monitor and report engagement budget to actual and advise engagement executives of possible overruns

Supervisory Responsibilities :

  • Provides verbal and written performance feedback to Associates on assigned engagement teams
  • Supervises the work assignments of Associates on assigned engagement teams
  • Teach / coach associates to provide on the job learning
  • Other duties as required

Qualifications, Knowledge, Skills and Abilities :

Education :

  • Bachelor's degree in Accounting, Computer Science, Management Information Systems, Business Administration, Managerial Marketing and Entrepreneurship, Finance or Economics, required
  • Master's degree in Accounting and minor or dual major in Information Systems or other relevant advanced degree, preferred

Experience :

  • More than three (3) years of prior experience in IT, internal or external audit, required
  • More than one (1) year of prior supervisory experience, preferred
  • Experience performing internal control reviews, preferred
  • Experience performing SOC, WebTrust, HITRUST, SOX, ISO 27001 and security / privacy advisory engagements, preferred

License / Certifications :

One or more of the following certifications are preferred :

  • Certified Public Accountant (CPA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • ISO 27001 Lead Auditor certification
  • HITRUST Certified Common Security Framework Professional (CCSFP)
  • Certified Internal Auditor (CIA)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified in the Governance of Enterprise IT (CGEIT)

Software :

  • Proficiency in Microsoft Office Suite, specifically Word, Excel and PowerPoint, required
  • Prior experience with various applications (e.g., ERP systems), operating systems (e.g., UNIX, Windows), and databases (e.g., Oracle, SQL) beneficial, preferred
  • Exposure to cloud platforms, SaaS applications, security and engineering tools, and other industry software, preferred

Other Knowledge, Skills & Abilities :

  • Basic understanding and experience planning and coordinating the stages to perform technology-focused audits and assessments
  • Knowledge of internal controls and professional standards and regulations (SOC, ISO, WebTrust, HITRUST, Sarbanes-Oxley,
  • Knowledge of data analytics and emerging technologies desired
  • Strong verbal and written communication skills with the ability to adapt style and messaging to effectively communicate and interact with professionals at all levels both within the client organization and the firm
  • Ability to successfully multi-task while working independently and within a group environment
  • Solid analytical and diagnostic skills and ability to break down complex issues and implement appropriate resolutions
  • Capable of working in a demanding, deadline driven environment with a focus on details and accuracy
  • Solid project management skills
  • Ability to travel as necessary

Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate’s qualifications, experience, skills, and geography.

California Range : $87,000 - $130,000

NYC / Long Island / Westchester Range : $90,000 - $115,000

30+ days ago