IT Security, Risk, & Compliance Manager in Harrisburg at CBIZ

Date Posted: 10/26/2019

Job Description

With over 100 offices and nearly 5,000 associates in major metropolitan areas and suburban cities throughout the U.S., CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level. CBIZ has been honored to be the recipient of several national recognitions: 2019 America's Best Mid-Size Employers by Forbes, 2019 Best Workplaces in Consulting & Professional Services by Great Place to Work® and FORTUNE, 2019 Workplace Excellence Seal of Approval by the Alliance for Workplace Excellence, and one of the Top 101 highest scoring companies in the country for Best and Brightest Companies to Work For in the Nation by the National Association for Business Resources.

CBIZ and Mayer Hoffman McCann P.C. (MHM) are together ranked as one of the top providers of accounting services in the United States.  With more than 35 offices and more than 3,000 professionals in our Financial Services division, we serve the country’s growing mid-market public and private businesses.  MHM provides high quality audit and attest services, while closely associated CBIZ provides all other accounting, tax and consulting services.

As a Manager, Information Technology (IT) Security, Risk, & Compliance, you will be a key member of the CBIZ Risk and Advisory Team and participate in multiple engagements, with public and private company clients in the mid-market ($100 million to $2 billion) range.  The majority of our clients are in the banking/finance, government agency, healthcare, service, manufacturing, and real estate industries.

Our core service offerings include IT internal audit, CyberSecurity, Data Security and Privacy, Data Analytics, IT compliance (SOX, HIPAA, PCI), and reviews of business processes. Heavy emphasis will be placed upon managing and executing IT audit projects, as well as documenting and testing IT processes. You will evaluate the adequacy and effectiveness of internal controls and recognize any internal control weaknesses and lack of compliance with internal procedures and policies, which may result in inadequate, inefficient, or ineffective operations.

Essential Functions and Primary Duties

  • Manage complex IT security, risk, and compliance engagements that assess the design and operating effectiveness of IT processes and procedures to meet client objectives, including alignment with frameworks and compliance with laws and regulations
  • Lead and conduct reviews of processes, policies, procedures, security, and configuration controls of existing systems as well as proposed controls of new systems.
  • Responsible for preparation of audit reports for senior management that clearly and concisely communicate control issues, business impact, and management action plans
  • Supervise and review associates’ work and provide constructive feedback
  • Demonstrate an understanding of professional and industry standards and practices; keep abreast of latest developments and ensure professional development through ongoing education
  • Balance multiple priorities, demonstrate proficient technical skills for handling client responsibilities and deliver a high quality work product
  • Serve as the client’s trusted advisor, identify client issues and conflicts and proactively communicate solution options to the client and team
  • Exhibit excellent interpersonal, analytical, research and project management skills
  • Think independently and problem-solve in a results-driven, team-oriented environment
  • Demonstrate excellent verbal and written communications skills

Preferred Qualifications

  • Solid understanding of IT general controls and strong technical auditing background, including experience with auditing a mainframe environment.
  • Strong project management skills and ability to meet work-plan specifications and deadlines
  • Experience with Big 4 or Fortune 500 IT and/or Audit organizations is a plus 
  • Demonstrated ability to document control issues, business impact, and management action plans
  • Ability to take on a business development role in the firm
  • Knowledge of Sarbanes Oxley (SOX) legislation and impact, COBIT, COSO, HIPAA, NIST, ISO 27001/27002, PCI DSS and other regulations and frameworks
  • Strong background in technical systems and environments
  • CISA certification required; CISSP, CPA preferred
  • Supervision of IT Staff Auditors (up to 2) may be required
  • 25-50% travel required

Minimum Qualifications

  • Bachelor’s degree in Information Systems/Accounting or related discipline
  • 6 years of combined IT technical and audit experience
  • CyberSecurity and Network Security experience 
  • 3 years of experience in supervising staff
  • Current federal 6C government clearance
  • Excellent interpersonal, analytical, research and audit project management skills
  • Demonstrated ability to communicate verbally and in writing throughout all levels of organization, both internally and externally
  • Ability to multi-task, think independently and problem-solve in a results-driven, team-oriented environment
  • Must be able to travel based on client and business needs
  • Strong computer and technical skills, including Microsoft Office Suite, Outlook, intranet and audit software

