What are the responsibilities and job description for the Advisory IT Risk Director position at Grant Thornton?
Job Duties:
- Perform engagement management responsibilities, including performance reviews, task delegation, project scheduling, project economics and financials, quality review and client management.
- Manage business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership material.
- Adhere to the highest degree of professional standards and strict client confidentiality.
- Understand and manage firm risk on audits and proposals.
- Working with organizations to identify and manage IT risks within their strategy execution model.
- Assist clients in applying key frameworks such as COBIT, NIST & ISO.
- Developing IT components with enterprise risk management programs.
- Leading IT risk assessments ranging from internal audits, system implementations and specialized IT areas (security, basis, access provisioning, etc.)
- Leading and executing IT audits and IT SOX engagements.
- Apply current knowledge of IT trends and systems processes to identify security and risk management issues and other opportunities for improvement.
- Manage the evaluation and testing of IT processes and system controls and identification of areas of risk.
- Manage internal auditing outsourcing and co-sourcing engagements for clients.
- Think strategically about practice enhancements and be able to embrace and manage change.
- Meet or exceed sales targets for new and follow-on work.
- Meet or exceed targeted billing hours (utilization).
- Maintain a good working relationship with clients and work effectively with client management and staff at all levels to gather information and perform services.
- Work closely with Grant Thornton managers and partners to promptly identify and resolve client problems or issues.
- Manage, develop, train, coach and mentor staff on projects and assess performance for engagement and year-end reviews.
- Motivate others to perform at maximum efficiency without sacrificing quality of the services delivered.
- Interview campus and/or experienced candidates.
- Other duties as assigned
Education: Bachelor's degree in Accounting, Finance, Information Technology, MIS or related field.
Certifications & Licensures: CPA, CISA, CISSP, CIA or CISM license/certification.
Experience: Minimum of 10 years of related work experience in a similar consulting practice or function servicing cross-industry clients at a national level
KSAs: Experience performing technology risk assessments and audits, operational internal audits, as well as process control reviews.
Areas of expertise should include at least some of the following: access control software, security architecture and administration, Internet use/firewalls, network security awareness and enforcement, security policies and standards, database security auditing, operating systems (Windows, UNIX, AS400).
Strong experience in staff and audit management in an integrated client service team.
Ability to manage and develop staff in a highly interactive team environment.
Exceptional client service and communication skills with a demonstrated ability to develop and maintain outstanding client relationships.
Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced interactive, results-based team environment.
Strong leadership, business development, recruiting, training, coaching, and mentoring skills, coupled with excellent written, interpersonal, and presentation skills.
Ability to work additional hours as needed and travel on a regular basis to clients as required.
Good familiarity with IIA’s Standards
Practice development experience.
Ability to work additional hours and/or travel as needed.
Travel: 0.6