IT Internal Controls & Risk Manager

Overview

Baker Tilly is a leading advisory, tax and assurance firm, providing clients with a genuine coast-to-coast and global advantage in major regions of the U.S. and in many of the world’s leading financial centers – New York, London, San Francisco, Los Angeles, Chicago and Boston. Baker Tilly Advisory Group, LP and Baker Tilly US, LLP (Baker Tilly) provide professional services through an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable laws, regulations and professional standards. Baker Tilly US, LLP is a licensed independent CPA firm that provides attest services to its clients. Baker Tilly Advisory Group, LP and its subsidiary entities provide tax and business advisory services to their clients. Baker Tilly Advisory Group, LP and its subsidiary entities are not licensed CPA firms.

Baker Tilly Advisory Group, LP and Baker Tilly US, LLP, trading as Baker Tilly, are independent members of Baker Tilly International, a worldwide network of independent accounting and business advisory firms in 141 territories, with 43,000 professionals and a combined worldwide revenue of $5.2 billion. Visit bakertilly.com or join the conversation on LinkedIn, Facebook and Instagram.  

Please discuss the work location status with your Baker Tilly talent acquisition professional to understand the requirements for an opportunity you are exploring.

Baker Tilly is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status, gender identity, sexual orientation, or any other legally protected basis, in accordance with applicable federal, state or local law.

Any unsolicited resumes submitted through our website or to Baker Tilly Advisory Group, LP, employee e-mail accounts are considered property of Baker Tilly Advisory Group, LP, and are not subject to payment of agency fees. In order to be an authorized recruitment agency ("search firm") for Baker Tilly Advisory Group, LP, there must be a formal written agreement in place and the agency must be invited, by Baker Tilly's Talent Attraction team, to submit candidates for review via our applicant tracking system.

Job Description:

 

Are you interested in joining one of the fastest growing consulting and accounting firms in the country?

Would you like the ability to join a highly dynamic team focused on providing exceptional client service in the area of information technology risk advisory?

If yes, consider joining Baker Tilly (BT) as an IT Internal Controls & Risk Manager! Our Risk Advisory practice provides a full spectrum of services to help our clients assess their risks, develop strategies to compete in an ever-changing business environment, and achieve their goals and objectives.  All of this is accomplished through deep industry knowledge of risk, governance, internal audit, compliance, IT, and cybersecurity best practices.

As one of the fastest growing firms in the nation, BT has the ability to offer you upward career trajectory, flexibility in how and where you get your work done and meaningful relationships with clients, teammates and leadership who truly care about you and your development.

Does this describe you?

  • You want to continue to expand your work experiences and hone your skills as an IT risk and controls professional in the areas of IT governance, compliance, and internal controls.
  • You crave the opportunity to be part of a fast growing, entrepreneurial risk consulting practice where your hard work and creativity will be rewarded
  • You do your best work when you are part of a talented, down-to-earth team that thrives in collaboration and truly enjoys working together
  • You feel valued when you are provided the resources and support to continually sharpen your technical skills and build your career now, for tomorrow

What you will do:

  • Manage complex client engagements, including IT SOX readiness, co-sourcing/outsourcing IT SOX assessments, program optimization and internal controls workstreams:
    • Provide IT related input and guidance on SOX risk assessments and scoping analyses to facilitate the development of an effective testing program.
    • Manage IT SOX-readiness activities related to design and implementation of relevant IT controls, including but not limited to IT general controls (ITGC), automated/configurable controls, and segregation of duty controls.
    • Lead software development lifecycle controls (SDLC) workstreams for ERP implementations to assist clients in managing an effective and well controlled implementation process.
    • Facilitate IT control walkthroughs and oversee test of design and operating effectiveness across multiple clients.
    • Participate in business process walkthroughs to identify and evaluate relevant IT dependencies associated with a client’s transactional processes.
    • Identify opportunities to embed automated controls in business processes and optimize internal control environments
    • Coordinate SOX program testing with key client stakeholders and external audit teams.
    • Evaluate control deficiencies, perform root cause analysis and co-develop management remediation actions.
    • Provide support and guidance to management as part of remediation efforts.
    • Establish project plans and coordinate the overall work effort of engagement teams; anticipate risks and issues and proactively take actions to address.
    • Provide periodic status updates to and engage with key stakeholders to prepare insight management and board / audit committee presentations.
    • Understand how IT controls and IT dependencies factor into a client’s overall SOX program and ensure the audit testing program and control deficiency evaluation process reflect appropriate consideration of risk.
    • Mentor and develop junior team members on fundamental concepts of SOX compliance including but not limited to:
      • Understanding a client’s business process to identify IT risks and associated controls
      • Identifying and evaluating IT dependencies within a client’s business process
      • Evaluating the design and implementation of key IT controls
      • Developing appropriately tailored testing procedures
      • Identifying and evaluating control deficiencies
      • Project management and effective communication
  • Work closely with client executives and management teams to understand their businesses and assist in identifying and managing financial and operational risks within their business systems to ensure technology risks are managed:
    • Develop in-depth knowledge of clients’ businesses and industries by having direct client interaction while working on multiple aspects of an engagement
    • Think independently and strategically about your clients’ business, systems and risks providing recommendations for business and process improvements based upon knowledge gained relative to the client’s operations, processes and business objectives
    • Provide strategic business advice to clients by assisting in the implementation of new processes and controls that address key risks
    • Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT regulatory and compliance requirements, and business continuity.
    • Review clients' processes and controls against industry frameworks, identifying gaps in design and execution, and communicating issues and recommendations to clients
    • Manage the development of audit programs and the execution of internal audits and IT control assessments in the areas of:
      • IT SOX compliance
      • ITGC automated/configurable controls and other IT dependencies
      • IT entity level controls
      • IT strategy and governance
      • IT operations, business continuity and disaster recovery
      • Cybersecurity
      • Third party risk
      • Regulatory and compliance requirements
    • Draft comprehensive executive summaries and final reports for delivery to the client, documenting and reviewing engagement work papers in accordance with industry-accepted internal audit methodologies
    • Act as a valued business advisor, build relationships and communicate effectively with the client to provide superior client service
    • Facilitate professional and effective presentations to internal and external audiences
    • Continue to develop your knowledge and experience working with a variety of technology environments, platforms, applications and tools/utilities
  • Assist with managing client engagement staffing, billings/collections, and ensure client profitability targets are met
  • Utilize your entrepreneurial skills to network and build strong relationships internally and externally with clients and the community
  • Take lead roles in practice development initiatives, including those related to branding and marketing (thought leadership, webinars, conferences, etc.) and capability build (training, methodology, tools/enablers, etc.)
  • Invest in your professional development individually and through participation in firm wide learning and development programs
  • Support the growth and development of team members through the Baker Tilly Care and Teach philosophy, helping associates meet their professional goals
  • Enjoy friendships, social activities and team outings that encourage a work-life balance

Successful candidates will have:

  • Bachelor’s degree in management/computer information systems, computer science, accounting information systems, computer engineering, industrial engineering, or related program
  • CISA, CIA, or CPA certification(s) required
  • 5+ year(s) experience with IT audit, previous experience performing IT SOX audits required
  • Experience as a client service professional for a large national consulting firm desired
  • Experience with major ERP systems and technology such as Oracle, SAP, Netsuite, MS Dynamics, Workday, Linux, UNIX, SQL, Oracle Database, AWS, Azure, data visualization, security tools, ticketing software, etc.
  • Familiarity applying PCAOB auditing standards and other control frameworks such as ITIL, COSO, and CoBIT.
  • Excellent analytical, technical and problem solving skills, with strong attention to detail
  • Exceptional verbal and written communication, collaboration, and time management skills

The compensation range for this role is $117,940 to $255,520. Actual compensation is influenced by a variety of factors including but not limited to skills, experience, qualifications, and geographic location.


What You Should Know About IT Internal Controls & Risk Manager, Baker Tilly

Join Baker Tilly as an IT Internal Controls & Risk Manager and take your career to the next level in the bustling city of Washington, DC! At Baker Tilly, a prominent advisory, tax, and assurance firm, we pride ourselves on providing exceptional client service while navigating the exciting arena of information technology risk advisory. You'll be part of a vibrant team dedicated to empowering clients through deep insights into IT risks, governance, compliance, and cybersecurity. If you thrive in a dynamic environment and are eager to shape your career within a fast-growing consulting firm, this role is perfect for you. As our IT Internal Controls & Risk Manager, you’ll manage complex client engagements and drive IT SOX readiness efforts while mentoring junior team members. Collaboration and creativity are at the core of what we do, and your contributions will be pivotal in enhancing our clients' internal control environments. You’ll help organizations optimize their processes, identify risks, and implement innovative solutions to create more efficient operations. We're looking for motivated individuals who are passionate about professional growth and building meaningful relationships with clients and colleagues. If you're ready to bring your expertise in IT governance and internal controls to Baker Tilly, we can't wait to hear from you and explore how you fit into our ambitious plans for the future.

Frequently Asked Questions (FAQs) for IT Internal Controls & Risk Manager Role at Baker Tilly
What are the responsibilities of an IT Internal Controls & Risk Manager at Baker Tilly?

As an IT Internal Controls & Risk Manager at Baker Tilly, your duties encompass managing complex client engagements, including overseeing IT SOX readiness and internal controls workstreams. You will lead software development lifecycle controls for ERP implementations, assess IT risks related to compliance, and mentor junior staff on SOX compliance principles. With your expertise, you'll facilitate IT control walkthroughs and collaborate with key stakeholders to ensure effective control environments.

What qualifications are required for the IT Internal Controls & Risk Manager position at Baker Tilly?

To qualify for the IT Internal Controls & Risk Manager role at Baker Tilly, candidates should possess a bachelor’s degree in related fields such as computer science or accounting information systems, alongside certifications like CISA, CIA, or CPA. A minimum of 5 years of experience in IT audit and proficiency with major ERP systems is also essential. Familiarity with PCAOB auditing standards and frameworks such as COSO or CoBIT is expected to excel in this position.

How can I grow my career as an IT Internal Controls & Risk Manager at Baker Tilly?

At Baker Tilly, growth opportunities for IT Internal Controls & Risk Managers are abundant. The firm encourages professional development through mentoring, training programs, and participation in practice development initiatives. By engaging with colleagues and clients, peers can leverage real-world experience to broaden their knowledge and advance their careers in risk consulting, making continual growth achievable.

What can I expect from the company culture at Baker Tilly as an IT Internal Controls & Risk Manager?

Baker Tilly fosters a collaborative and supportive company culture. As an IT Internal Controls & Risk Manager, you will be part of a dynamic team that values creativity and teamwork. The firm promotes work-life balance through social activities and encourages friendships among colleagues, making it a place where you feel valued and motivated to excel.

What is the compensation package for the IT Internal Controls & Risk Manager role at Baker Tilly?

The compensation range for the IT Internal Controls & Risk Manager position at Baker Tilly varies from $117,940 to $255,520, influenced by factors like experience, skills, and geographic location. Alongside competitive salaries, the firm offers benefits that support professional growth and well-being, creating an appealing package for prospective candidates.

Common Interview Questions for IT Internal Controls & Risk Manager
Can you describe a time when you successfully managed a complex IT SOX audit?

In your response, highlight your experience by outlining the audit's challenges, the strategies you implemented to navigate those challenges, and the positive outcomes achieved. Focus on your analytical and problem-solving skills, demonstrating how you ensured compliance while maintaining client relationships.

How would you approach the assessment of IT controls within a client's business process?

Discuss your methodology for evaluating IT controls, emphasizing the importance of understanding the client's business process. Talk about how you identify risks, analyze control effectiveness, and develop actionable recommendations to optimize their internal control environment.

What strategies do you employ to mentor junior team members in SOX compliance?

Highlight techniques you use to foster learning and development, such as hands-on training, creating learning resources, and providing regular feedback. Explain how you encourage open communication and support their growth through real-world scenarios.

How do you keep abreast of changes in IT regulations and compliance frameworks?

Mention your commitment to continuous education through industry seminars, certifications, and reading relevant publications. Discuss how adapting to industry changes ensures you provide clients with up-to-date and effective advice.

Describe your experience with ERP systems such as SAP or Oracle in relation to IT controls.

Provide an overview of your experience with ERP systems, focusing on specific projects where you've implemented or assessed IT controls. Discuss what you learned and how you helped clients manage their compliance and risk.

What is your process for evaluating and remediating control deficiencies?

Discuss your analytical approach, emphasizing root cause analysis to understand deficiencies. Talk about how you prioritize remediation actions and ensure collaboration with management to effectively implement solutions.

How do you establish effective communication with key stakeholders during engagement?

Outline your strategy for stakeholder communication, explaining how you keep them informed and involved throughout the engagement process. Highlight your ability to tailor communication to different audiences, ensuring clarity and understanding.

What tools or technologies do you utilize to enhance your auditing processes?

Discuss specific tools you use for monitoring and auditing processes, showcasing how they streamline workflows and improve efficiency. Mention any experiences where technology helped solve specific issues you encountered.

How do you assess cybersecurity risks in relation to IT controls?

Explain your method for evaluating cybersecurity risks within IT controls, emphasizing the importance of staying current with cybersecurity threats. Detail how you incorporate these considerations into overall compliance assessments.

What is your philosophy on maintaining work-life balance while handling client engagements?

Talk about your strategies for achieving a balance between professional responsibilities and personal life, emphasizing time management techniques and the importance of maintaining personal well-being to avoid burnout.

EMPLOYMENT TYPE
Full-time, hybrid
DATE POSTED
April 16, 2025
