We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Sensiba San Filippo LLP jobs

Senior Associate - ISO

Sensiba San Filippo LLP
65000.00 To 75000.00 (USD) Annually
United States, California, Pleasanton
5960 Inglewood Drive (Show on map)
Mar 04, 2025

Summary:

The Senior Associate is responsible for ensuring client satisfaction and efficient execution of engagement plans, while being the coach and advisor to team members. This role will focus on business processes and IT control auditing (primarily ISO 27001/27701/42001) and assessment services with responsibilities that include evaluating, testing, and documenting key business processes, access controls, and change management controls for engagements The Senior Associate will build robust client relationships grounded in a deep understanding of their operations, challenges, and compliance needs. The role is pivotal in delivering top-notch services, centering on clients' business, IT, and security risk management.

Responsibilities:

  • Lead and conduct detailed audits of clients' business processes and IT controls, ensuring compliance with industry standards and regulations.
  • Observe, review, document, and test key business process transactions, access controls, change management controls, operational and organizational controls, and automated controls for engagements
  • Review, document, evaluate and test application controls, particularly automated controls on a wide range of systems and software applications across a wide variety of client business processes
  • Evaluate clients' business, IT, and security risks, identifying areas of concern and recommending appropriate control measures and process improvements to mitigate risks.
  • Assess security policies and procedures, reviewing risk management / risk assessment documentation, and controls of our clients' business applications, networks, operating systems, and other components of their technology infrastructure
  • Support internal and external security assessments of new and existing services and infrastructure including operational, regulatory, and contractual requirements
  • Develop and nurture strong relationships with clients, gaining insight into their businesses, risks, and compliance requirements to tailor audit approaches effectively.
  • Execute audit procedures efficiently and effectively, analyzing systems, processes, and controls to assess their adequacy and effectiveness in managing risks..
  • Prepare comprehensive audit reports detailing findings, recommendations, and remediation plans, ensuring clear communication of audit results to clients.
  • Develop a technical understanding of cyber security best practices in order to advise and audit clients on their security posture
  • Follow up on remediation progress or management responses
  • Guide and mentor less experienced team and project members

Qualifications:

  • Bachelor's degree required; MIS, IT or related field preferred
  • 3 + years of IT Audit experience or Audit experience
  • Experience leading ISO 27001/27701/42001 audits
  • Experience with controls reviews along with recommending, designing and advising on applicable IT controls
  • Experience teaching, training, mentoring other staff members is preferred
  • ISO Lead Auditor Certification is preferred
  • Relevant professional designation such as CISA, CISSP, CIPP, etc. is a plus
  • Experience with ISO 27001 readiness platforms (e.g., Drata, Vanta, etc.) is preferred
  • Experience with Microsoft Office products; particularly Excel and Word
  • Knowledge of relevant regulations and industry standards (e.g., SSAE 18/SOC, HIPAA, ISO-27001, COSO, HITRUST, etc.) and best practices and methodologies to address these requirements.
  • Fundamental understanding of audit principles such as risk assessment, materiality, independence and sufficiency of evidence
  • Ability to apply these requirements to organizational internal control frameworks
  • Understanding of technical concepts such as cyber security, virtualization, data center, cloud computing, and the like
  • Ability to interpret/relay technical information to all levels of technical aptitude, including senior management. This includes written and oral communications
  • Documentation skills are a must. Ability to articulate, write and present information in a clear and understandable manner and to meet the re-performance standard required for supporting our audit work
  • Strong time management, project management and organizational skills with the ability to manage multiple priorities successfully within a deadline-driven environment
  • Strong interpersonal skills
  • Demonstrated ability to quickly understand and assimilate business processes
  • Demonstrated integrity, maturity, dependability, and a strong work ethic within a professional environment
Applied = 0
MORE JOBS LIKE THIS

(web-b798c7cf6-l9rr9)