Senior Associate - ISO

Sensiba is always looking for top talent to add to our integrated team. We have an exciting opportunity for a Experienced IT Associate to join our RAS team. If you're looking for an organization that offers an inclusive environment, uses business as a force for good, and supports you and your family with flexible work options and attractive benefits, take the first step toward joining the Sensiba team!

Named a Top 100 Accounting Firm and Top Workplace USA, we're recognized for exceptional employee engagement and dedication in helping our clients solve problems, navigate complexity, and build a foundation for sustainable growth.

In 2018, we became a certified B Corporation (B Corp ). The B Corp certification distinguishes companies that use the power of business to solve social and environmental problems. It helps us better assess how our core values align with our daily operations and identify where we can improve.

Summary:

The Experiened Associate is responsible for ensuring client satisfaction and efficient execution of engagement plans, while being the coach and advisor to team members. This role will focus on business processes and IT control auditing (primarily ISO 27001/27701/42001) and assessment services with responsibilities that include evaluating, testing, and documenting key business processes, access controls, and change management controls for engagements The Senior Associate will build robust client relationships grounded in a deep understanding of their operations, challenges, and compliance needs. The role is pivotal in delivering top-notch services, centering on clients' business, IT, and security risk management.

Responsibilities:

• Lead and conduct detailed audits of clients' business processes and IT controls, ensuring compliance with industry standards and regulations.
• Observe, review, document, and test key business process transactions, access controls, change management controls, operational and organizational controls, and automated controls for engagements
• Review, document, evaluate and test application controls, particularly automated controls on a wide range of systems and software applications across a wide variety of client business processes
• Evaluate clients' business, IT, and security risks, identifying areas of concern and recommending appropriate control measures and process improvements to mitigate risks.
• Assess security policies and procedures, reviewing risk management / risk assessment documentation, and controls of our clients' business applications, networks, operating systems, and other components of their technology infrastructure
• Support internal and external security assessments of new and existing services and infrastructure including operational, regulatory, and contractual requirements
• Develop and nurture strong relationships with clients, gaining insight into their businesses, risks, and compliance requirements to tailor audit approaches effectively.
• Execute audit procedures efficiently and effectively, analyzing systems, processes, and controls to assess their adequacy and effectiveness in managing risks..
• Prepare comprehensive audit reports detailing findings, recommendations, and remediation plans, ensuring clear communication of audit results to clients.
• Develop a technical understanding of cyber security best practices in order to advise and audit clients on their security posture
• Follow up on remediation progress or management responses
• Guide and mentor less experienced team and project members

Qualifications:

• Bachelor's degree required; MIS, IT or related field preferred
• 3 + years of IT Audit experience or Audit experience
• Experience leading ISO 27001/27701/42001 audits
• Experience with controls reviews along with recommending, designing and advising on applicable IT controls
• Experience teaching, training, mentoring other staff members is preferred
• ISO Lead Auditor Certification is preferred
• Relevant professional designation such as CISA, CISSP, CIPP, etc. is a plus
• Experience with ISO 27001 readiness platforms (e.g., Drata, Vanta, etc.) is preferred
• Experience with Microsoft Office products; particularly Excel and Word
• Knowledge of relevant regulations and industry standards (e.g., SSAE 18/SOC, HIPAA, ISO-27001, COSO, HITRUST, etc.) and best practices and methodologies to address these requirements.
• Fundamental understanding of audit principles such as risk assessment, materiality, independence and sufficiency of evidence
• Ability to apply these requirements to organizational internal control frameworks
• Understanding of technical concepts such as cyber security, virtualization, data center, cloud computing, and the like
• Ability to interpret/relay technical information to all levels of technical aptitude, including senior management. This includes written and oral communications
• Documentation skills are a must. Ability to articulate, write and present information in a clear and understandable manner and to meet the re-performance standard required for supporting our audit work
• Strong time management, project management and organizational skills with the ability to manage multiple priorities successfully within a deadline-driven environment
• Strong interpersonal skills
• Demonstrated ability to quickly understand and assimilate business processes
• Demonstrated integrity, maturity, dependability, and a strong work ethic within a professional environment

There are many reasons to join the Sensiba team: generous benefits, competitive compensation, professional advancement opportunities, and above all - our people. If you're looking for an environment that offers you growth, success, and professionalism without compromising your family, passions, and life outside of work, apply today!

Sensiba has a robust offering of benefits, including:

• Medical, dental, vision
• Generous PTO plan and paid sick time
• Flexible work arrangements
• 401K with company match
• Discretionary performance bonus
• Business referral incentive pay
• Sabbatical leave
• 11 paid holidays
  

For individuals based in San Francisco, consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.

For individuals who would be working within the City of Los Angeles, Sensiba will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.

Sensiba LLP is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, or any other characteristic protected by law.

Sensiba LLP complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us at talent@sensiba.com.

Certain states require employers to disclose the pay range in job postings. This position may be eligible for an annual discretionary bonus. For more information about our benefit offerings and other total rewards, contact our human resources team.

Compensation Range: $40,000 - 45,000 per year

*Compensation may vary based on skills, role, and location*