Consulting - Manager - Risk Advisory Services - Systems & Process Assurance

RSM US   •  

Milwaukee, WI

Industry: Financial Services


5 - 7 years

Posted 300 days ago

This job is no longer available.


RSM has an exceptional career opportunity available for an experienced Risk Advisory Services – Systems & Process Assurance Manager in our Milwaukee, Wisconsin office.  Our Systems and Process Assurance Solution Set, is responsible for business process and IT controls.  At RSM, our Manager’s in Risk Advisory Services work with large and middle market clients across a wide variety of industries. They develop strong working relationships with clients built on understanding their businesses, their challenges, risks, and information technology (IT) requirements.

Our Systems & Process Assurance Manager’s provide quality services to clients by focusing on their business, IT/security risk and control requirements.  They use strong analytical skills to develop quality solutions to assist our clients improve their business.


  • Performing technology risk assessments and reviewing, documenting, evaluating and testing information technology controls including change management, security, backup and operations controls, in a wide range of computing environments, for internal audit, Sarbanes-Oxley, and Service Organization Control (SOC) engagements.

  • Observing, reviewing, documenting, and testing key business process transactions, access controls, segregation of duties and automated controls for internal audit, Sarbanes-Oxley, and SOC engagements.

  • Ensure the delivery of high-quality deliverables and compliance with quality assurance and independence policies onengagements covering SOC 1 and SOC 2 reports, readiness reviews, and AT101 client engagements.

  • Assessing IT security policies, procedures, and controls of our clients’ business applications, networks, operating systems, and other components of their technology infrastructure.

  • Reviewing, documenting, evaluating and testing application controls, particularly automated controls on a wide range of ERP systems and software applications across a wide variety of client business processes.

  • Assisting financial audit and Sarbanes-Oxley compliance teams in the identification of control objectives and the design ofcontrol procedures to address those objectives.

  • Identifying internal IT controls, assessing their design and operational effectiveness, determining risk exposures and developing remediation plans.

  • Determining technical and business impact of identified security and control issues and providing remediation guidance toclients.

  • Communicating findings and recommendations to client personnel.


  • Bachelor's degree or equivalent

  • Five or more years of experience in IT audit, IT security, or other IT compliance related work.  Prior responsibilities should include performing IT risk assessments and controls reviews along with recommending, designing and advising on applicable IT controls

  • Security and controls experience in a widely used financial application (SAP, Oracle, JD Edwards, PeopleSoft, etc.) is preferred

  • Good understanding of relevant regulations and industry standards (e.g., SSAE 18/SOC 2, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA and GLBA) and best practices and methodologies to address these requirements. Ability to apply these requirements to organizational internal control frameworks

  • Professional certifications including Certified Information Systems Auditor® (CISA®), Certified Information Systems Security Professionals® (CISSP®); Certified Public Accountant (CPA), Certified Information Security Manager® (CISM®) and/or Certified Information Privacy Professional (CIPP)

  • Must be able to interpret and convey technical information to all levels of technical aptitude, including senior management. This includes written and oral communications

  • Ability to articulate, write and present information in a clear and understandable manner

  • Strong time management and organizational skills with the ability to manage multiple priorities successfully within a deadline-driven environment

  • Ability to travel primarily regionally