Crowe
IT Audit Senior Consultant
Crowe, Oakbrook Terrace, Illinois, United States,
Your Journey at Crowe Starts Here:At Crowe, you have the opportunity to deliver innovative solutions to today's complex business issues. Crowe's accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a "Best Place to Work." We are 75 years strong and still growing. Come grow with us!Job Description:Job SummaryBy joining Crowe's Internal Audit Technology team, you will be helping make the world a more honest, safe and secure place. As a member of our collaborative team, you will be working alongside experts in the IT and security fields to protect our clients from threats and vulnerabilities and assist them with their complex IT and security needs. We will enable an entrepreneurial and innovative environment for you to deliver transformative IT and security consulting services and to develop deeply specialized skill sets demanded in today's market.
The Internal Audit Technology Senior Consultant will be responsible for planning and executing cybersecurity projects and IT risk assessments. They will be a technical leader on project teams to deliver high quality. This position will perform work, as well as oversee the technical work of some junior level personnel. This position will work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed. The Internal Audit Technology Senior Consultant will set performance expectations for junior level personnel and provide constructive performance feedback on a regular basis. This person may also assist the engagement economics of the projects, including budget status tracking.
The Internal Audit Technology Senior Consultant will conduct Cybersecurity engagements and IT risk assessments, including but not limited to the following areas and responsibilities:Client Delivery - Technical lead on client engagements
Cybersecurity Assessments
Cybersecurity Strategic Advisory
Information Security Governance Design and Transformation
Information Security and Risk Management Consulting
IT Security Technology Implementations
Penetration Testing
Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the project
Submit recommendations to the project manager for corrective action or to support a recommended approach to solving the client's needs
Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively
Execute cybersecurity engagements independently and/or within a collaborative team at a high level
Internal Development
Generate ideas for new cybersecurity solutions aligned with our clients evolving needs
Business / Market Development
Attend and present at cybersecurity conferences
Project execution including overall project planning, IT risk assessments,supervising staff with 1-3 years of experience, executing fieldwork, and reporting
Evaluating and testing application and IT general controls across a variety of systems
Seeking to further client relationships through quality service delivery and the successful execution of projects
Define performance expectations, evaluate the performance of staff IT auditors, provide feedback and participate in training
Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
Present findings on IT controls to management
QualificationsBachelor's degree required, candidates must possess significant analytical skills, which likely evolved from early academic training in Cybersecurity, Information Systems, Computer Science, or similar discipline.
Minimum 2-4 years of business experience in the areas of Information Security.
Experience in Financial Services is required
Penetration testing experience is strongly preferred
Certified Information Systems Security Professionals (CISSP) or OSCP certification, or willingness to obtain
Experience within consulting or professional services, or at leading industry public companies is preferred
Prior experience supervising junior level resources in the areas of Information Security.
Knowledge of industry accepted cybersecurity frameworks including NIST, ISO, and others
Some system and network administration experience on Windows, UNIX, Linux and/or Mac
Knowledge of security areas such as Access Management, Data Loss Prevention, Incident Management, IT Asset Management, Mobile Device Management, Threat and Vulnerability, Endpoint Security, VMware, and Cybersecurity Governance
Strong writing and interpersonal communication skills.
The ability to handle multiple projects concurrently
Ability to lead execution teams for various projects
Ability to travel up to 60%
Technology Skills preferred:Network Security Practices: Auditing, planning, design, implementation, testing, and management
Microsoft Windows, Red Hat Linux, IBM AIX, and other UNIX/Linux variants
Microsoft Active Directory and Group Policy
Network architecture and protocols: TCP, UPD, IP, HTTP(S), DNS, NetBIOS, SMB, SSH, IPSec, EIGRP, OSPF, BGP, TLS, and others
Microsoft SQL Server, Microsoft SharePoint, Microsoft Exchange, and others
Penetration Testing tools: Burp, Nmap, Metasploit, Empire, Cobalt Strike, and others
Intrusion Detection, Intrusion Prevention, Security Information and Event Management solutions
Cryptographic tools, suites, and algorithms
Build a Successful Future in Consulting!At Crowe, Consulting professionals provide thought leadership, process expertise, and technology insight in order to help clients identify, assess, evaluate, and reduce risks. Our Consulting professionals serve large organizations across many industries in an environment where innovation and new ideas are highly encouraged. Through various programs, we provide you with learning and reinvention through high-impact formal and systemic training, including industry, solution, technology, and consulting training, as well as certification. You will be part of a strong global team environment with a fast-paced, challenging, and collaborative setting.At Crowe, we strongly endorse an open door policy. Our partners are approachable and accessible across the entire organization. Our team-based culture encourages partners to be in touch with our professionals and active on client projects. The partners of our company lead by example and maintain a strong two-way channel of communication with their teams. We strive to create an environment that is relaxed, fun, dynamic and fulfilling. Our team-based culture has not only resulted in successful projects, but in long lasting friendships as well. Overall, our people find their career choices to be highly rewarding and fulfilling.We expect the candidate to uphold Crowe's values of Care, Trust, Courage, and Stewardship. These values define who we are. We expect all of our people to act ethically and with integrity at all times.The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Crowe, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $84,706.00 to $168,877.00 per year.
Our Benefits:
At Crowe, we know that great peopleare what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you!
How You Can Grow:
We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!
More about Crowe:
Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.
Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.Crowe LLP does not accept unsolicited candidates, referrals or resumes from any staffing agency, recruiting service, sourcing entity or any other third-party paid service at any time. Any referrals, resumes or candidates submitted to Crowe, or any employee or owner of Crowe without a pre-existing agreement signed by both parties covering the submission will be considered the property of Crowe, and free of charge.
The Internal Audit Technology Senior Consultant will be responsible for planning and executing cybersecurity projects and IT risk assessments. They will be a technical leader on project teams to deliver high quality. This position will perform work, as well as oversee the technical work of some junior level personnel. This position will work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed. The Internal Audit Technology Senior Consultant will set performance expectations for junior level personnel and provide constructive performance feedback on a regular basis. This person may also assist the engagement economics of the projects, including budget status tracking.
The Internal Audit Technology Senior Consultant will conduct Cybersecurity engagements and IT risk assessments, including but not limited to the following areas and responsibilities:Client Delivery - Technical lead on client engagements
Cybersecurity Assessments
Cybersecurity Strategic Advisory
Information Security Governance Design and Transformation
Information Security and Risk Management Consulting
IT Security Technology Implementations
Penetration Testing
Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the project
Submit recommendations to the project manager for corrective action or to support a recommended approach to solving the client's needs
Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively
Execute cybersecurity engagements independently and/or within a collaborative team at a high level
Internal Development
Generate ideas for new cybersecurity solutions aligned with our clients evolving needs
Business / Market Development
Attend and present at cybersecurity conferences
Project execution including overall project planning, IT risk assessments,supervising staff with 1-3 years of experience, executing fieldwork, and reporting
Evaluating and testing application and IT general controls across a variety of systems
Seeking to further client relationships through quality service delivery and the successful execution of projects
Define performance expectations, evaluate the performance of staff IT auditors, provide feedback and participate in training
Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
Present findings on IT controls to management
QualificationsBachelor's degree required, candidates must possess significant analytical skills, which likely evolved from early academic training in Cybersecurity, Information Systems, Computer Science, or similar discipline.
Minimum 2-4 years of business experience in the areas of Information Security.
Experience in Financial Services is required
Penetration testing experience is strongly preferred
Certified Information Systems Security Professionals (CISSP) or OSCP certification, or willingness to obtain
Experience within consulting or professional services, or at leading industry public companies is preferred
Prior experience supervising junior level resources in the areas of Information Security.
Knowledge of industry accepted cybersecurity frameworks including NIST, ISO, and others
Some system and network administration experience on Windows, UNIX, Linux and/or Mac
Knowledge of security areas such as Access Management, Data Loss Prevention, Incident Management, IT Asset Management, Mobile Device Management, Threat and Vulnerability, Endpoint Security, VMware, and Cybersecurity Governance
Strong writing and interpersonal communication skills.
The ability to handle multiple projects concurrently
Ability to lead execution teams for various projects
Ability to travel up to 60%
Technology Skills preferred:Network Security Practices: Auditing, planning, design, implementation, testing, and management
Microsoft Windows, Red Hat Linux, IBM AIX, and other UNIX/Linux variants
Microsoft Active Directory and Group Policy
Network architecture and protocols: TCP, UPD, IP, HTTP(S), DNS, NetBIOS, SMB, SSH, IPSec, EIGRP, OSPF, BGP, TLS, and others
Microsoft SQL Server, Microsoft SharePoint, Microsoft Exchange, and others
Penetration Testing tools: Burp, Nmap, Metasploit, Empire, Cobalt Strike, and others
Intrusion Detection, Intrusion Prevention, Security Information and Event Management solutions
Cryptographic tools, suites, and algorithms
Build a Successful Future in Consulting!At Crowe, Consulting professionals provide thought leadership, process expertise, and technology insight in order to help clients identify, assess, evaluate, and reduce risks. Our Consulting professionals serve large organizations across many industries in an environment where innovation and new ideas are highly encouraged. Through various programs, we provide you with learning and reinvention through high-impact formal and systemic training, including industry, solution, technology, and consulting training, as well as certification. You will be part of a strong global team environment with a fast-paced, challenging, and collaborative setting.At Crowe, we strongly endorse an open door policy. Our partners are approachable and accessible across the entire organization. Our team-based culture encourages partners to be in touch with our professionals and active on client projects. The partners of our company lead by example and maintain a strong two-way channel of communication with their teams. We strive to create an environment that is relaxed, fun, dynamic and fulfilling. Our team-based culture has not only resulted in successful projects, but in long lasting friendships as well. Overall, our people find their career choices to be highly rewarding and fulfilling.We expect the candidate to uphold Crowe's values of Care, Trust, Courage, and Stewardship. These values define who we are. We expect all of our people to act ethically and with integrity at all times.The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Crowe, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $84,706.00 to $168,877.00 per year.
Our Benefits:
At Crowe, we know that great peopleare what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you!
How You Can Grow:
We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!
More about Crowe:
Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.
Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.Crowe LLP does not accept unsolicited candidates, referrals or resumes from any staffing agency, recruiting service, sourcing entity or any other third-party paid service at any time. Any referrals, resumes or candidates submitted to Crowe, or any employee or owner of Crowe without a pre-existing agreement signed by both parties covering the submission will be considered the property of Crowe, and free of charge.