CISSP Jobs - Supervisor - Technology Risk Consulting Financial Institution, 13043

Location Tampa, FL
Date Posted February 9, 2019
Category Default
Job Type Full-time


RSM is seeking an IT Consulting Senior or Supervisor to work within the Risk Advisory Consulting Practice. The individual will be responsible for planning engagements, supervising staff, and executing IT Risk consulting, IT Risk Management, Information Security Assessments, Application Controls Security Assessments, ERP Security & Controls, Embedded Risk Management, and other IT transformation projects as needed. Specifically, the responsibilities of this position will include but not limited to the following:  

General Administrative

  • Managing the delivery of timely engagement results and high-quality deliverables in accordance with professional and industry standards
  • Hands-on delivery and execution of project tasks for complex technology environments 
  • Presentation and communication of project status and risk-based observations and proposed solutions to client’s senior management 
  • Developing and maintaining relationships with stakeholders and identifying technological and operational risk mitigating opportunities as a first choice advisor 
  • Supervising, training, and mentoring staff level personnel and coordinating with client resources as needed 
  • Establishing performance expectations for staff level personnel and providing performance feedback 

IT Specific

  • Developing and managing the execution of IT Risk Assessments in conjunction with the implementation of Enterprise Risk Management governance structures/programs and the develop of client annual audit plans 
  • Planning and managing the execution and delivery of client’s risk-based T audit plans, which may include IT general control reviews, IT application control reviews, IT infrastructure reviews, IT operational process reviews, IT governance & strategy design assessments, and SOX compliance related activities 
  • Leading the execution of highly specialized reviews such as data integrity, Information security risk assessments, technical compliance reviews, etc. 
  • Developing leading practice, IT integrated Internal Audit Methodologies, for internal use and client service delivery 
  • Identifying and assessing business / operational processes, IT risks, and internal controls to evaluate the design and operating effectiveness of the overall financial institution control environment 
  • Developing and leading ERP (e.g., SAP, PeopleSoft, Oracle) advisory related activities, which may include business process improvement, Security risk & controls review, SoD analysis, SoD conflict management design, and application security assessments 
  • Experience or knowledgeable of practices related to delivering data protection, breach management and regulatory privacy assessments 
  • Experience or knowledgeable of data transformation or analytics at retail and institutional banking and capital markets models in the lines of defense related to areas such as consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, asset, wealth and investment management, mortgage, consumer and commercial finance
  • Experience of knowledge of practices related to delivering NIST based information security reviews based on the clients implementations of frameworks such as, NIST 800.53r4,  FISMA, FedRAMP and NIST 800.171 
  • Advising area leadership on the development and execution of the IT Risk service line growth program and overall go-to market strategy 
  • Identifying opportunities within current engagements to expand the scope of services rendered and the ability to be market facing to identify and potentially pursue new client prospects 
  • Participating in professional organizations and developing leading practice point of views of relevant IT Risk related topics for internal marketing and external organizational branding 
  • Partnering with management to develop and validate draft IT audit reports and establish practical corrective action plans in response to technology and operational risks/observations 
  • Individual project assignments will be performed under the RAS leadership.  Working knowledge of industry standards (e.g., COBIT, etc.), strong analytical abilities, and exceptional project management skills are keys to success in this unique and challenging position 

Specific Job Knowledge, Skill and Ability

  • The individual must possess the following knowledge, skills, and abilities and be able to perform the essential functions of the job, with or without reasonable accommodation 
  • Understanding of internal control concepts / frameworks (e.g. COBIT 4/5, NIST 800.53, COSO, ICFR, etc.) 
  • Experience/knowledge auditing IT processes and controls, including flow charting and risk identification 
  • Thorough understanding of complex information systems, emerging IT trends/best practices, and proven ability to apply in diverse and continuously evolving client / company environments 
  • Polished and professional interviewer/negotiator with unsatisfied curiosity 
  • Excellent presentation, speaking and written communication skills with ability to lead meeting/audits/ report generation 
  • Experience education/training clients or internal employees on IT SOX requirements 
  • Ability to work independently and in a team environment with superior interpersonal and collaboration skills 
  • Advanced project management and problem solving capabilities 
  • Strong analytical, strategic thinking, and tactical audit execution skills 
  • Strong work ethic with self-accountability for high-quality results 
  • Willingness to openly challenge the status quo and drive positive process/control/business and technology improvements 
  • Positive attitude and perseverance in the face of challenges and/or changing circumstances 
  • Innate leadership skills with an emphasis on optimizing individual and team productivity/contributions 
  • Keen instinct and opportunistic business sense capable of proactively identifying/preventing possible problems 
  • High-energy self-starter capable of completing a diverse workload with strict timelines 
  • Absolute discretion and confidentiality regarding sensitive information 
  • Highest standard of ethical conduct and integrity 

Basic Qualifications

  • Bachelor’s or advanced degree in Information Assurance, Accounting, Computer Science, Information Systems Management, and / or related discipline 
  • 5+ years of related work experience in IT risk consulting, with at least two years as a project manager/team lead 
  • Certified Information Security Systems Professional (CISSP), Certified Information Systems Auditor (CISA) or similar certification 
  • Willingness to travel up to 30%, including international destinations requiring a passport on short notice and potentially for extended periods of time 

Preferred Qualifications

  • Extensive experience working as a financial institution IT auditor or IT risk advisor for a public accounting firm, a professional services firm, or a publicly traded global financial services organization 
  • Significant experience applying relevant IT/technical knowledge in financial statement audits, operational audits, SSAE16’s engagements, ERP security and controls reviews, investigations, etc. 
  • Multi-national company/audit exposure 
  • Certified Information Security Systems Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Public Accountant (CPA), Certified Internal Auditor (CIA)

You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM US. Experience the power of being understood.

RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.