
Consultant
Full-Time
In-Person, Remote, Hybrid
Description
We are seeking a detail-oriented and analytical Consultant to support our IT Audit and Risk Control function. This role is critical in executing client-facing audit and assurance engagements, including evaluating IT control environments, performing control testing, documenting results, and drafting risk-based recommendations.
You will work directly with clients to assess their cybersecurity and technology risk posture, contribute to audit fieldwork, and support advisory initiatives aligned with frameworks such as NIST, CIS, etc. This is a client-facing position that requires professionalism, adaptability, and a commitment to delivering high-quality work under tight deadlines.
The ideal candidate is comfortable managing multiple priorities in a fast-paced environment, demonstrates strong writing and documentation skills, and thrives both independently and as part of a team. The ability to shift between tasks while maintaining accuracy, responsiveness, and attention to detail is essential.
Requirements
-
1–5 years of experience in IT audit, information security, risk management, or a related field
-
Proficiency in Microsoft Office tools, especially Excel, Word, and PowerPoint
-
Working knowledge of common frameworks such as NIST, CIS, etc.
-
Strong written and verbal communication skills, including the ability to summarize technical concepts for non-technical audiences
-
Ability to manage tasks across multiple projects with minimal supervision
-
High degree of professionalism, discretion, and client-service orientation
Nice to Have (But Not Necessary)
-
Relevant certifications such as Security+, CISA, CCA, or CCP (not required, but willingness to obtain one within 12 months preferred)
-
Experience supporting audits or assessments for regulated industries (e.g., financial services, healthcare, manufacturing)
-
Familiarity with vendor risk management, data classification, or incident response processes
-
Exposure to GRC platforms or audit tools
-
Experience drafting audit observations, findings, and risk remediation recommendations