Business Advisory Services Manager

Johnson Lambert is a leading National accounting and advisory firm, recognized for our deep specialization in the insurance industry.  The firm also serves not-for-profit industries offering a full suite of audit, tax, and consulting services. Johnson Lambert is ranked as the fifth largest auditor to property casualty insurance companies. 

Our Business Advisory Services (BAS) practice is rapidly growing, helping clients navigate complex technology risks, enhance cybersecurity posture, and ensure regulatory compliance. Our BAS team works with our clients to support their IT risk management and control initiatives. We leverage our deep industry knowledge and client data to efficiently scope engagements to focus on the highest risk areas, and deliver solutions. Our BAS services include Cybersecurity Consulting, Risk Assessment and Gap Analysis, Fraud risk assessment, System Implementation Assessment, Internal Audit Outsourcing and Co-Sourcing, IT Audit Support, SOX and Model Audit Rule program optimization and operation, and SOC Reporting.

We are seeking an IT Audit & Consulting Manager to join our BAS team, and play a pivotal role in leading and executing IT audit engagements and providing expert consulting services to our clients. This position requires a dynamic leader with a strong technical background in information technology, a deep understanding of audit methodologies, and proven experience in advising clients on IT risk management, cybersecurity, and compliance. The Manager will be responsible for managing engagement teams, cultivating client relationships, and contributing to the growth of the practice.

At Johnson Lambert we relentlessly strive to advocate for our clients and employees, and inspire an environment that embodies agility, respect, in trust. As a BAS Manager you can expect to work in a team-focused environment. You will have the opportunity to use creative and critical thinking working with clients and team members to solve business problems. You are very client focused and able to deliver high quality services through relationship building.

All roles offered at Johnson Lambert are offered in a hybrid format, with the opportunity to work with your team in person, should you be in close proximity to one of our 8 office locations, or have the flexibility to work from home in a remote setting. Click here to see more information regarding our benefits.

Key Responsibilities:

• Service Delivery
• • Engagement Management: Lead and manage multiple IT audit engagements from planning through reporting, ensuring timely completion and adherence to budget.
  • Risk Assessment: Perform comprehensive IT risk assessments to identify control deficiencies and vulnerabilities in client IT environments, including applications, infrastructure, and data.
  • Control Testing: Design and execute tests of IT General Controls (ITGCs), application controls, and automated controls related to financial reporting (e.g., SOX, Model Audit Rule) and operational efficiency.
  • Compliance Audits: Lead and contribute to compliance audits such as SOC 1 (Service Organization Control 1), SOC 2 (Service Organization Control 2), HIPAA, PCI DSS, and other regulatory frameworks.
  • Workpaper Review: Critically review workpapers prepared by engagement staff, ensuring quality, completeness, and adherence to firm and professional standards (AICPA, PCAOB).
  • Deficiency Management: Identify, document, and communicate audit findings and control deficiencies clearly and concisely to clients, including root cause analysis and practical recommendations.
  • Cybersecurity Assessments: Conduct cybersecurity risk assessments, maturity model evaluations, and assist clients with security program development (e.g., NIST CSF, ISO 27001).
  • Policy & Procedure Development: Assist clients in developing and refining IT security policies, procedures, and governance frameworks.
• Team Leadership
• • Mentorship & Coaching: Provide effective coaching, mentoring, and performance feedback to Senior IT Auditors and Staff, fostering their professional growth and technical skills.
  • Resource Management: Manage engagement team assignments and allocate resources effectively to meet project deadlines and quality standards.
  • Training: Contribute to the development and delivery of internal training programs for the IT Audit and Consulting practice.
• Client Relationship Management & Business Development
• • Client Cultivation: Build and maintain strong, long-term relationships with new and existing clients, serving as a primary point of contact.
  • Opportunity Identification: Identify opportunities for additional services within existing client accounts and assist in developing new business leads.
  • Proposal Development: Participate in proposal writing and client presentations for new engagements.
  • Market Presence: Represent the firm at industry events, conferences, and networking functions.
• Quality Assurance & Compliance
• • Ensure all engagements adhere to the firm's quality assurance standards, professional auditing standards (AICPA, PCAOB), and regulatory requirements.
  • Maintain technical proficiency in IT audit, cybersecurity, and relevant industry regulations.

Qualifications:  

• Bachelor’s degree in Information Technology, Business Administration, Accounting or other relevant field  
• Minimum of 4-8 years of progressive relevant experience, such as auditing general computer and application controls, including security, change management, systems development, and disaster recovery  
• Experience must also performance of cybersecurity assessment using recognized framework
• CPA, CISA or CISSP certification preferred
• Strong technical knowledge and skill set, including significant experience applying technical knowledge in financial statement audits, internal or operational audits, SOC reports, SOX requirements, and enterprise risk management.
• Ability and desire to contribute to marketing and business activities external to the firm
• Strong client relationship skills  
• Strong project and time management skills  
• Demonstrated ability to lead, motivate, and coach teams of people, including experience and less experienced employees  
• Strong knowledge and understanding of firm products and services  
• Ability to work additional hours and travel to client sites as dictated by client needs  
• Strong leadership and involvement in firm activities, community service, and other firm-wide initiatives

We value your time and have built the selection process to reflect that. Our process is simple; you will begin the selection process with an application that is individually reviewed by our Recruiting team and a phone interview to best understand your specific areas of interest. The next step is to interview with the Business Advisory Services team leaders. After that, decisions will be made and the Recruiting team will be back in touch. We value our candidates and want to ensure a process that directly reflects what you can expect as a Johnson Lambert employee. That means you have an entire HR team to support you through your candidacy and ensure you’re finding a position that will allow you to take your career to the next level in a culture that helps you thrive.

Equity note: Research suggests that women and Black, Indigenous, and other persons of color are less likely than men or White job seekers to apply for positions unless they are confident they meet 100% of the qualifications. We strongly encourage interested individuals to apply, and allow us to evaluate the knowledge, skills, and abilities you demonstrate, using an internal equity lens.

Johnson Lambert prides itself for the hands-on approach and relationships we build with future employees, employees, and clients. We believe each application is the potential for a future relationship with JL. Therefore, a member of our HR team personally reviews all applications submitted.