Job
Description
Your Role in Shaping Trust & Resilience What You’ll Drive Consultant/ Senior Consultant(s) - (2–5 Years Experience) Key Responsibilities: Execute end-to-end IT audits and assurance engagements across IT General Controls (ITGC), Application Controls, Cloud & Cybersecurity reviews, cloud assessments, and digital control reviews Support assurance projects across frameworks like NIST, ISO 27001, SOC 1, and SOC 2 through control evaluation and evidence analysis. Perform walkthroughs, control testing, and documentation of IT and business process controls Contribute to audit documentation, risk assessments, and walkthroughs with clients. Learn and apply industry best practices across cloud, cybersecurity, and governance domains Role: Deputy Manager (5–7 Years) Key Responsibilities: Execute and manage medium to large-scale SOC Attestation and digital risk assurance engagements with oversight. Conduct risk assessments and design controls aligned with regulations (SSAE 18, ISAE3402, HIPAA, ISO 27001). Evaluate and implement controls across cloud platforms, DevSecOps environments, SaaS, and APIs. Support on cybersecurity assessments, cloud risk and third-party risk engagements. Perform compliance reviews and control testing aligned to regulatory frameworks. Perform maturity assessments, prepare remediation plans, and support clients through audit readiness and attestations. Lead client workshops, prepare deliverables, and coordinate with stakeholders for effective engagement delivery. Collaborate on proposal development and client solutioning efforts. What Were Looking For Regardless of your level, we value: Experience in digital risk, IT audit, cybersecurity, and compliance assurance. Passion for technology, risk, and assurance with a problem-solving mindset Strong understanding of IT control regulatory frameworks and standards (COBIT, NIST, ISO, ITIL, HIPPA etc.) Proficiency in control testing, risk evaluation, and reporting Excellent communication skills—able to bridge technical insights with business need. Certifications like CISA, ISO 27001 LA, CISSP, or cloud security certifications (a plus) Comfort with ambiguity and ability to thrive in fast-paced, client-facing environments.
