AddressSecurity & Privacy (S&P) consultants are expected to have responsibility for extensive client contact, staff training, management & development; and liaising with third parties You will be skilled and experienced at managing the whole project lifecycle for IT general controls audit, Cyber Security and information security services.
OUR VALUE PROPOSITION
At RSM, our purpose is to instil confidence in a world of change for both our clients and our people.
RSM Australia supports a people-centric and collaborative culture where we are committed to empowering and developing you. As a leading professional services firm, we connect you to an extensive network of global resources and invest in your future. We value the meaningful work that you do and encourage you to be a part of the change.
Our value proposition is our commitment to you; it highlights the experiences, benefits, and value that you can expect as part of RSM. This is underpinned by our three values – integrity in everything that we do, supporting clients everywhere, and developing and valuing everyone.
KEY RESPONSIBILITIES:
- Perform IT / Cyber / technology risk assessments, technical security related reviews, assess the effectiveness of processes/controls and risks related to third party organisations.
- Executing and completing individual IT and Cyber Security audits and special project reviews relating to various applications, IT infrastructure and other relevant IT domains.
- Conducting independent risk-based IT and Cyber Security audits to assess the adequacy and effectiveness of internal controls, the reliability and integrity of the client’s business and IT systems.
- Conducting various audit engagements simultaneously with numerous engagement team members per audit, including assisting with planning, execution and scheduling staff.
- Undertaking or arranging to undertake special consulting or other reviews as required. These may include system software reviews, new system development technical evaluations, post implementation reviews, contingency planning reviews, logical / physical access reviews and installation reviews.
- Assist in the planning of client deliverables (i.e. strategic internal audit plan, scope documents).
- Responsible for the execution of fieldwork and documentation of findings (i.e. maintain the audit file).
- Providing IT general controls and application controls audit support to external audit.
- Determining the objectives, scope and extent of each audit and ensure that the audit is professionally and efficiently completed within deadlines.
- Assist in business development activities of the firm.
- Coordination with other divisions.
- Address technical issues and assist in preparing technical position papers.
- Undertaking development of team members.
- Assisting with management and co-ordination of the audit team including training, mentoring and methodology compliance.
- Identifying opportunities for improvement to operational efficiencies and effectiveness.
- Maintaining appropriate and adequate documentation for each audit to a standard as required by auditing standards.
- Identification of findings and issues, and assisting in the drafting of client reports and discuss with relevant management as required.
- Liaising, and presenting audit results to information system staff and client management.
- Remaining abreast with technological enhancements in auditing and IT.
EDUCATION REQUIREMENTS:
Essential
- Relevant tertiary degree and/or qualification is essential.
DEMONSTRATED EXPERIENCE & ATTRIBUTES:
Essential
- Minimum 2 years’ Professional Services experience in Cyber / IT technical delivery, IT audit, internal controls, or risk management.
- Experience performing security risk assessments, testing or auditing of cybersecurity or information security standards or governance frameworks (e.g. one or more of COBIT, NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PCI DSS, CIS Critical Security Controls Top 20, PSPF, Australian Government Information Security Manual, VPDSS, ISO/IEC 27001, Cloud Security Alliance Guidance, Australian Privacy Principles, GDPR).
- Experience in performing engagements where teams are completing various technical testing assessments and be able to translate technical findings and articulate recommendations for non-technical client staff.
- Demonstrated knowledge of control best practices in IT general controls and applications.
- Demonstrated Knowledge of IT processes, project management, applications, databases, operating systems and network infrastructure to apply better practice guidance and identify opportunities for improvement.
- Outstanding interpersonal and communications skills, able to communicate effectively in verbal and written format with technical and non-technical audiences.
- Strong analytical and written communication skills.
- Ability to develop effective solutions and enhancements in an innovative manner.
- Strong attention to detail and prioritising skills, able to produce high quality work autonomously and as part of a team.
- Ability to add value by providing a high standard of service in response to client demands.
Desirable:
Demonstrated knowledge in data analytics / computer assisted audit techniques using IDEA, ACL, SQL or other relevant data analytical tools
Life at RSM:
RSM provides a great environment to build skills and confidence and we help our people achieve their best. We are trusted advisors to our clients, so it is critical for us to find the right people for the job on offer. Our network of offices across Australia and around the world allow us to offer a personal service to all our clients regardless of where they are! Working for RSM entitles everyone to a wide range of leading health, wellness financial and lifestyle benefits.
How to apply:
Please click one the "apply now" button and complete our online application form.
Agencies, thank you for thinking of us, but our recruitment is managed internally, and we will reach out to our preferred suppliers if we need assistance.
