Advisory Senior Associate
Frazier & Deeter · Nashville, TN · 1 wk ago
HybridConsultingFull-time
Duties & Responsibilities
- Lead day-to-day execution of advisory engagements, including SOC 1/SOC 2 examinations, IT internal audits, IT risk assessments, and information security reviews.
- Perform detailed testing and evaluation of IT general controls (ITGCs), application controls, cybersecurity controls, and operational processes.
- Assess client environments against industry frameworks such as COBIT, NIST, ISO 27000, PCI, HIPAA, and AICPA trust services criteria.
- Support Sarbanes-Oxley (SOX) compliance efforts, including walkthroughs, control design assessments, and testing in accordance with PCAOB standards.
- Evaluate system implementation projects to ensure appropriate controls, governance, and risk mitigation practices are in place.
- Prepare high-quality workpapers, audit documentation, and client deliverables that clearly communicate findings, risks, and recommendations.
- Collaborate with client stakeholders, external auditors, and internal teams to clarify expectations, resolve issues, and ensure timely engagement delivery.
- Identify control gaps, process inefficiencies, and improvement opportunities; develop practical, value-added recommendations.
- Aid in drafting SOC reports, risk assessment summaries, audit reports, and executive-level presentations.
- Mentor, train, and review work of staff associates to support their professional development.
- Contribute to engagement planning, scoping, and risk assessment activities.
- Manage multiple projects simultaneously while meeting deadlines and maintaining high-quality standards.
Requirements
- 3+ years of Information Security or Information Technology experience required.
- Bachelor’s degree in Accounting, Finance, Management Information Systems (MIS), or related field required.
- CISA candidate, other certifications accepted (CPA, CISSP, CIA, etc.).
- Demonstrated success in a client service role, preferably with Big 4 or national advisory firm.
- Familiarity with variety of technologies, operating systems, databases, and reporting and data analytics tools.
- Ability to interact with external auditors and members of management to deliver expectations and communicate and interpret key audit priorities and issues, including PCAOB and AICPA trends.
- Exceptional organizational skills with capability to present to Board/C-suite audience.
- Strong written and verbal communication skills.
- Experience related to the following areas: SSAE 18 / SOC 1 / SOC 2, Sarbanes-Oxley and PCAOB requirements, IT risk assessment / operational IT audit, IT general controls, COBIT framework, PCI, Information security / cyber frameworks (ISO 27000, NIST, AICPA, etc.), HIPAA, Systems development life cycle, Business acumen, ability to anticipate and escalate issues, Ability to meet deadlines, Working knowledge of basic financial accounting, auditing and financial reporting concepts, Teaching and staff development, Ability and appetite to invest into relationships, Exemplify a positive attitude and strong work ethic with a commitment to teamwork and professionalism.
- Ability to travel 20% to 40% - hybrid.