Bough is a decidedly different kind of advisory, assurance, and transformation solutions firm. Working collaboratively with clients in finance, audit, and compliance organizations, we co-create fully integrated and comprehensive solutions that connect people, processes, and technologies to navigate accounting, reporting, and compliance matters. Our services include finance and accounting advisory, revenue assurance, FP&A advisory and support, risk advisory, and process automation and transformation. We are busy and sometimes crazy busy delivering exceptional results to our clients with trust, quality, and humanness. Our name 'Bough' means the main branch of a tree - a name that keeps us grounded in nature and emphasizes our belief that we wish to be the main branch on which our clients and employees lean with trust. For any position we are hiring, we don’t just want you to be an ambitious, analytical, multi-skilled, risk-taking go-getter for Bough. We want you to be more. More for yourself and for anything you undertake. Socially responsible, intuitive, empathetic, trustworthy, thoughtful, imaginative, creative, and curious are some words that resonate with us. Your skills are a qualifier, and we believe that each of us is much more than the skills we bring to our job - the person we are looking for... Role Description: We are building our Risk Advisory practice to assist clients in addressing their risk management requirements by providing clear perspectives and critical insights to key stakeholders (e.g., CAEs, audit committees). You'll be an integral part of this practice—spanning internal controls support, regulatory compliance, SOX, internal audit, risk transformation, technology risk, and more—and should possess excellent skills in risk management, communication, facilitation, relationship-building, and presentation. You will be responsible for delivering insightful and practical solutions to complex client challenges. Key Responsibilities: Lead SOX 404 financial statement mapping, risk assessment, and scoping processes Ensure the appropriateness of internal control documentation for financial processes, including planning documents, narratives, process maps, walkthroughs, and control testing Assist clients across the internal audit and risk management landscape, including internal audit co-sourcing, governance, regulatory compliance, risk transformation, and audit analytics projects Discuss findings and observations with management, including remediation strategies and optimization opportunities Provide client management support and serve as a liaison between client and project teams Develop client relationships and act as a trusted advisor by understanding their business, listening to their needs, and ensuring responsive service and exceptional quality Own end-to-end delivery of projects, including planning, budgeting, reviewing work papers, and providing feedback, mentorship, and thought leadership Assist clients in audit preparation and coordination with external auditors Identify opportunities to leverage data analytics and automation technologies to drive efficiencies and add value to client engagements Participate in recruiting, business development, and knowledge-sharing initiatives Basic Qualifications: For Business Risk Bachelor’s or Master’s degree in Accounting, Finance, Business, or a related field 5+ years of experience in risk management, internal audit, SOX, or regulatory compliance, preferably in a Big 4 or large professional services firm Certified (CA, CPA, CIA, or CFE — mandatory) Proven track record in leading internal controls, risk reviews, audits, and compliance projects Familiarity with COSO, SOX, and ICFR frameworks For IT Risk Bachelor’s or Master’s degree in Information Systems, Security, Computer Science, Engineering, or a related field 5+ years of experience in IT risk, ITGC, SOX IT controls, cybersecurity, or regulatory compliance, preferably in a Big 4 or large firm Certified (CISA, CISSP, or similar — mandatory) Strong leadership in IT audits, including ITGC, ITACs, ERP (SAP is a plus), SOC 1/2, using frameworks such as COBIT, NIST, and ISO 27001 Preferred Skills: Excellent analytical and problem-solving ability. Strong written and verbal communication; able to explain technical concepts clearly. High energy, enthusiasm, and a commitment to exceeding client expectations. Entrepreneurial mindset with eagerness to learn and grow. Ability to work both independently and in a collaborative team setting. Show more Show less