We are seeking an IT Risk & Assurance Assistant Manager to manage IT Audit, Technology Risk Management, System Assurance, and Independent IT Review workstreams, lead fieldwork activities, and ensure high-quality execution across client engagements.
In this role, you will oversee engagement execution, guide junior team members, and ensure deliverables meet professional, regulatory, and industry standards.
Key Responsibilities
- Manage end-to-end delivery of IT Audit, IT Risk, and Assurance engagements.
- Lead engagement planning, technology risk assessments, and scope definition activities.
- Supervise execution of IT General Controls (ITGC), application controls, and system assurance reviews.
- Review and approve working papers, testing documentation, and assurance reports.
- Identify, assess, and validate technology risks, audit findings, and remediation recommendations.
- Engage directly with client stakeholders to manage expectations and resolve issues.
- Coordinate engagement timelines, risks, resources, and deliverables.
- Ensure compliance with audit standards, methodologies, and industry best practices.
- Support independent IT reviews, remediation validation, and follow-up assessments.
- Coach and mentor Associates and Senior Associates.
Qualifications
- Bachelor's degree in Information Technology, Information Systems, Accounting, Cybersecurity, or related fields.
- 5–7 years of experience in IT Audit, Technology Risk Management, IT Assurance, or related advisory roles.
- Strong experience managing IT Audit, IT Risk, or Assurance engagements.
- Good understanding of IT controls, risk management frameworks, and governance practices.
- Proven leadership and stakeholder management skills.
- Excellent written and verbal communication skills in English.
- Ability to manage multiple engagements in a professional services environment.
- Big 4 or top-tier audit/consulting firm experience.
- Experience leading engagements in complex or regulated environments.
- Experience with ISO 27001 / ISMS assessments, implementation reviews, or certification readiness projects.
- Professional certifications such as CISA, CRISC, ISO 27001 Lead Auditor, or ISO 27001 Lead Implementer.
- Exposure to SOX ITGC, regulatory IT audits, or other assurance frameworks.