Aprio PH - IT Audit Associate (SOC)

Work with a nationally ranked CPA and advisory firm that is passionate for what's next. Aprio has 22 U.S. office locations, one in the Philippines and more than 2,100 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio.
Join Aprio's Information Assurance Services team and you will help clients maximize their opportunities.  Aprio is a progressive, fast-growing firm looking for an Associate to join their dynamic team. 
Submerge yourself with creative innovators striving for excellence. APRIO is the 50th largest CPA firm in the nation and has been named the “Best of the Best” accounting and forensic accounting firm in 2015 by INSIDE Public Accounting and the Daily Report. Whether it is adding another language to the 25 different spoken languages or sharing your expertise in 1 of APRIO’s 6 industry specialties, we welcome and recognize the priceless experiences and skills that each team member brings to drive our company’s growth and success.  
APRIO’s Information Assurance Services (IAS) practice supports the delivery of attestation and consulting services for multiple clients in data and tech-based industries such as credit reporting and analytics, payment card services, healthcare IT, and cloud services. IAS’s business model and methodologies are focused on risk management and adding value to clients in all that we do. This means we do not work off checklists, but rather utilize sound business practices and technical expertise to enable our clients to identify, mitigate, and monitor the most technical risks associated with their technology use.  
Information technology projects and focus areas you may be exposed to within the IAS practice as an Associate include the following: Cyber Threats and Cybersecurity Service Organization Control (SOC) Reporting (e.g., SOC 1 and SOC 2) Payment Card Industry Data Security Standard (PCI DSS) ISO Standards (e.g., ISO 27001/27002) HITRUST Agreed Upon Procedures GDPR, Privacy assessments 

Position responsibilities

• Working with the engagement managers on clients across different industries 
• Participating in client calls, conducting walk-throughs, interviews, etc. 
• Developing internal test sheets, document request lists, and project plans 
• Executing testing of clients’ internal controls 
• Drafting and formatting reports and memos. 
• Evaluating the effectiveness of existing IT controls, understanding procedures surrounding these controls, and assess compliance with security policies and industry standards.
• Identifying weaknesses, gaps, and areas for improvement in our clients' information security posture. 
• Providing guidance and support to clients in problem identification and resolution 
• Stay abreast of emerging cybersecurity threats, industry trends and best practices, and regulatory changes. 
• Working with industry leading information security standards and frameworks, including ISO 27001, PCI DSS, NIST 800-53, NIST CSF, GDPR Reporting on clients’ controls utilizing attestation standards such as SOC 1, SOC 2, PCI DSS, ISO 27001, GDPR and HITRUST 
• Working on internal projects, i.e. process improvement, assisting with marketing and recruiting 

Qualifications:

• One or more industry relevantcertifications or willingness to obtain relevant certification(s) within one year of employment.  Certifications can includeCPA, CISA, CRISC, CIPP, CISSP, CISM, QSA, or ISO/IEC 27001. 
• Bachelor’s degreepreferably in MIS, IS, Information Technology, or Accounting Information Systems, or related field. 
• Familiarity with frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, COBIT, and ITIL. 
• Excellent analytical skills with the ability to identify, assess, and evaluate risks. 
• Strong communication skills; verbal and written, with the ability to produce excellent written reports and audit documentation. 
• Ability and interest in continual learning and development. 
• Commitment to exceptional client service and creative problem-solving ability with a consultancy mindset. 
• Flexible, self-starter with the ability to interact with various levels of client and firm management. 
• Ability to work independently and collaboratively in a remote team environment. 
• Ability to assist with performing audit and test procedures. 
• Ability to manage personal schedule to coordinate multiple projects, tasks and deadlines. 
• Proficiency in English, both spoken and written. 

Perks/Benefits we offer for full-time team members:- Wellness program- HMO coverage- Rewards and Recognition program- Free shuttle service (provided by CDC | for onsite employees)- Free lunch meal (For onsite employees)- On-demand learning classes- Discretionary time off and Holidays- Performance-based salary increase- Discretionary incentive compensation based on client or individual performance- Hybrid set up to selected roles/location, terms and conditions may apply- CPA & Certification Assistance and Bonus Program  What's in it for you:- Working with an industry leader: Be part of a high-growth firm that is passionate for what's next.- A great team: Work with a high-energy, passionate, caring, and ambitious team of professionals in a collaborative culture.- Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement.- Competitive compensation: You will be rewarded with competitive compensation.  EQUAL OPPORTUNITY EMPLOYERAprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.