IT and Security Audit Consultant
PKF Antares is looking for a dynamic experienced IT and Security Audit Consultant to join our Calgary Office team. You will have the opportunity to work as a team member on diverse client engagements as part of our national and local practice. If you are looking for an exciting opportunity to grow your career and want to work with a skilled team, then this is the role for you!
PKF Antares with a head office in Calgary and branches across Canada is offering a wide range of accounting services at competitive rates to fast-growing companies in Canada. Our team provides a one-stop solution on Risk Management, Corporate Finance, Assurance, Accounting, Taxation and Internal Controls advisory.
What we are expecting:
· Three plus years of experience in public accounting, auditing companies as an IT or security auditor and minimum five years of experience in IT.
· IT Control Compliance testing experience required.
· IT Audit and SOC 2, ISO 27001 or SOX experience preferred.
· Understanding of how to analyze organizations’ processes and IT systems.
· In-depth understanding of internal controls, including business process, application, and IT controls.
· Skill in evaluating processes, risks, and controls.
· Experience auditing IT processes and IT systems against regulations, standards and best practices.
· Effective verbal and written communication, and time management and organizational skills
· Solid analytical and rich critical thinking skills.
· Comfort with asking questions to get answers.
· Ability to execute projects with minimal supervision.
· Enjoys challenges and can persevere.
· Ability to take direction and apply to different situations.
· Passion and commitment to providing quality client service.
· Experience in cloud audit or management is a great bonus but not required.
· Experience in Big4 audit company is a great bonus but not required.
· Demonstrate motivation for continuous personal improvement and professional growth.
· IT audit, risk or security certification preferred, but not required.
· Willingness to get additional certifications for expanding team credentials.
What we offer (besides the standard offer):
Along with being part of an experienced team with a global industry leader, we offer:
· Competitive wages and permanent, full-time work
· Opportunity to grow with a large global company
· On-the-job training for effective employee development
· Health, dental, accidental benefits
· Agile team
· Independence to manage projects.
· Environment that boosts your experience quickly.
• Audit Activities:
1. Plan, execute, and finalize ITGC and SOC 2, CSA STAR, Cybersecurity Maturity audit projects, ensuring that they are completed on time and within the stipulated budget.
2. Identify and evaluate client IT risks, operational processes, and related internal controls.
3. Draft clear and concise audit results for clients, detailing findings and recommendations.
4. Update audit methodologies and procedures as regulatory changes or best practices evolve.
5. Maintain up-to-date knowledge of the ITGC and SOC 2 standards and requirements.
6. Develop feedback to clients on improvements to their IT controls environment.
• Internal Security:
7. Assist in planning and execution of projects to transform internal cybersecurity processes.
8. Coordinate and monitor internal vulnerability assessments and penetration tests.
9. Promote security awareness and best practices throughout the organization.
10. Join internal security incident management team for timely and effective resolve incidents.
11. Stay updated on the latest cybersecurity threats and trends.
12. Monitor using technical and non-technical tools to identify weaknesses and recommend security solutions to enhance the organization's defense capabilities.
13. Collaborate with other teams to integrate security considerations into product development and operational processes.
• Cybersecurity Business Development:
14. Identify and pursue new business opportunities related to risk advisory and cybersecurity services.
15. Maintain and strengthen client relationships through regular communications and meetings.
16. Write and publish articles on current cybersecurity trends, standards, and best practices.
17. Attend and present at industry conferences, seminars, and workshops.
18. Develop sales materials, proposals, and presentations tailored for potential clients.
19. Work with the marketing team to promote our cybersecurity services and capabilities.
20. Provide input to senior management for strategic business planning and initiatives.
21. Collaborate with other business development teams to identify cross-selling opportunities.
22. Stay updated on industry standards, competitors, and market conditions.
23. Participate in the development and delivery of client workshops and training sessions.