Associate - It Risk Assurance

About IT Risk Assurance:
Our focus is on creating effective and efficient design for the most important business, security and compliance processes for our clients. We touch on aspects of application security and areas prone to fraud and financial misstatement, and streamline processes that are part of our clients' core businesses so they can get higher returns on key investments. Using innovative and proprietary technologies, we help to bridge the gap between business stakeholders, compliance functions and IT teams to assist their understanding of how to embrace new ways of working, while limiting their financial and operational risk profiles. We use knowledge of financial system design, risk mitigation, business process design, data integrity, security and use of data analytics.
Responsibilities:
• Work closely with the Audit team to perform assessments of the technical and general IT controls, infrastructure security, database security and business process/application controls
• Deliver IT risk management, controls and process advisory projects for our clients
• Work closely with the IT Risk Assurance and Cybersecurity team to perform the following:
• Execute network, application and operation system vulnerability assessments
• Use automated tools (e.g. Nessus) to pinpoint vulnerabilities and reduce time-consuming tasks
• Manually validate report findings to reduce false positives
• Develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, IDS and related network devices
• Continuously research new technology infrastructure, cyber security trends and security architecture changes, security standards, security systems and authentication protocols
• Execute source code reviews (analyse source code on a line-by-line basis)
• Prepare and communicate working schedules to clients
• Identify, analyse and discuss with audit clients the IT audit risks they face and propose recommendations
• Document working papers in a timely manner
• Prepare management letters for audit clients or final reports for advisory clients
• Assist in marketing and business development, including making proposals and meeting prospective clients