IT Risk Audit Manager in Boston, MA at CBIZ

Date Posted: 8/6/2018

Job Snapshot

Job Description

With over 100 offices and nearly 5,000 associates in major metropolitan areas and suburban cities throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level. CBIZ has been honored to be recognized as one of the Best & Brightest Companies to Work for in the Nation for 2016. The Best and Brightest Companies to Work For® competition identifies and honors organizations that display a commitment to excellence in their human resource practices and employee enrichment based on categories such as communication, work-life balance, employee education, diversity, recognition, retention and more. 

CBIZ and Mayer Hoffman McCann P.C. (MHM) are together ranked as one of the top providers of accounting services in the United States.  With more than 35 offices and more than 3,000 professionals, we serve the country’s growing mid-market public and private businesses.  MHM provides high quality audit and attest services, while closely associated CBIZ provides all other accounting, tax and consulting services.

We are seeking to hire an experienced IT Risk Audit Manager to work in the New England region as part of our fast growing Risk & Advisory Services Practice. This practice provides independent and objective examination and advisory services that help our clients manage and report on their control and risk management practices, and improve and enhance controls and compliance. In addition to providing SOC examination services under the standards of the AICPA, the service also provides risk and control assessment and advisory services, internal audits, as well as, royalty and contract audits. The successful individual will report to the IT Risk Audit Director.

Essential Functions and Primary Duties

  • Plan and execute multiple concurrent audits, including reviews of existing production applications, systems currently being developed, and specialized technological components.
  • The audit team member is expected to identify and assess application-related risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
  • Lead and manage engagements and, in doing so, will be required to manage budgeted hours and project timelines for the examination, assessment and reporting on client’s financial, operational, compliance and IT risks and controls.
  • Develop an ongoing 'trusted advisor' relationship with clients to ensure timely and consistent risk, control, compliance and reporting advice.
  • Mentor audit staff in areas of financial, operational, compliance and IT audit and technology expertise to develop a broader skill base and level of understanding of financial, operational, compliance IT risks.
  • Participate directly in new client development process by assisting the IT Risk Audit Director in initial meetings, presentations and proposal development
  • Coordinate all deliverables (such as reports, working papers, analysis, etc.) for assigned engagements including technical review
  • Demonstrate proficient technical skills for handling all client responsibilities, including knowledge of trends, industries, alternatives, etc.
  • Manage and maintain multiple client relationships, engagements and special projects
  • Effectively supervise, train and mentor Associates and Senior Associates

Preferred Qualifications

  • 5 years or more years of combined SOC, financial, operational, compliance IT audit experience, 3 years of staff supervision and management
  • Bachelor’s degree in Information Systems, Accounting or related disciplines; advanced degree preferred
  • A solid understanding of financial, operational, compliance and IT risk, control best practices
  • Experience with highly complex and integrated financial, operational, compliance and IT environments
  • Proven analytical skills. Advanced knowledge and experience with: controls; keys of financial, operational, compliance and IT risk; SSAE 18, Trust Services, and AICPA’s SOC1, SOC2 and SOC3 Examination and Reporting Guides
  • Understanding of the laws and regulations associated with privacy, NIST, CIS 20, FISMA, ISO27000, HIPPA, SEC, and FINRA regulated entities and the use of technology controls to meet these requirements
  • Understanding of the risks associated with current technologies (e.g., web services) and the standards and controls being developed to mitigate those risks
  • Strong team player willing to collaborate with highly skilled people on multiple levels
  • Polished oral and written communication skills
  • Demonstrated business knowledge and control related expertise
  • CISA or CISSP certification required; CPA or experience and ability to obtain CPA license required

Minimum Qualifications Required

  • Bachelor’s degree in relevant field preferred
  • Or High School Diploma (or GED) and 7 years experience in relevant field
  • Must have and preserve required licenses
  • Proficient use of applicable technology
  • Demonstrated ability to communicate verbally and in writing with all levels of an organization, both internally and externally
  • Ability to travel as required by business


If you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to


CBIZ is an equal opportunity employer and reviews applications for employment without regard to the applicant's race, color, religion, national origin, ancestry, age, gender, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit these following pages EEO is the Law and EEO is the Law Supplement.



  1. Auditor Jobs
  2. Internal Auditor Jobs

not ready to apply ?

Joining our Talent Network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.