Audit Associate - Risk Assurance Services (RAS)

With over 40 years of experience Sensiba San Filippo LLP (SSF) believes in providing our clients with more than just a tax strategy or compliance report. At SSF we use our professional and personal skills to improve the lives of our families, communities, clients and colleagues. Offering comprehensive assurance, tax and consulting services, the Firm has a regional focus with global expertise.

SSF's core values are Family, Community, Firm (in that order). Our relationships are built on honesty, mutual respect, and trust.

In 2018, SSF became the first and only California CPA firm certified as a B Corporation (B Corp).This certification distinguishes companies that use the power of business to solve social and environmental problems.The B Corp certification helps us better assess how our core values are aligned with our daily operations and helps identify where to improve.

Should YOU be excited about the possibility of becoming a member of the SSF Family please apply below and our Recruiting Team will be in touch!

Responsibilities:

• Observing, reviewing, documenting, and testing key business process transactions, access controls, change management controls, operational and organizational controls, and automated controls for SOC and HIPAA engagements
• Ensure the delivery of high-quality deliverables and compliance with quality assurance and independence policies on engagements covering SOC 1 and SOC 2 reports, HIPAA attestations, and audit readiness reviews
• Assessing security policies and procedures, reviewing risk management / risk assessment documentation, and controls of our clients' business applications, networks, operating systems, and other components of their technology infrastructure
• Reviewing, documenting, evaluating and testing application controls, particularly automated controls on a wide range of systems and software applications across a wide variety of client business processes
• Identifying client IT controls, assessing their design and operational effectiveness, determining risk exposures and recommending remediation plans
• Determining technical and business impact of identified security and control issues and providing remediation guidance to clients
• Communicating findings and recommendations to client personnel
• Assisting in the execution of the day-to-day activities of Risk Assurance audit engagements
• Demonstrating teamwork, responsibility and integrity. Working with team members, contributing ideas to the team as well as listening to the views of others
• Following up on remediation progress or management responses
• Keep current on IT environment and industry IT trends relevant to client's business, and using current technology and tools to enhance the effectiveness of deliverables and services
• Obtain a minimum of 40 CPE hours per year
• Establishing productive working relationships with client personnel to help ensure the efficient flow of information from the client to the Risk Assurance Audit Team
• Interacting with clients in a professional and competent manner, keeping a strong client focus

Benefits Offered:

• A diverse, inclusive environment in which the individual is enabled to succeed
• Competitive compensation and benefits
• Generous external education course reimbursement
• A balanced internal culture that emphasizes "Family, Community and Firm (in that order)"
• An "open door" policy relative to firm Partners
• Accelerated access to clients

SSF strives to hire from our local talent pool as one of the many ways we demonstrate our commitment towards supporting our local communities. We're invested in our cities' growth, the well-being of its citizens and the health of our local economy.

SSF is an Equal Opportunity Employer and considers all qualified applicants regardless of race, gender, color, religion, national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law.

• 1-2 years of experience in SOC examination work (SOC 1 and SOC 2) IT audit, or other IT compliance related work
• Fundamental understanding of audit principles such as risk assessment, materiality, independence and sufficiency of evidence
• Have a bachelor's degree in Accounting, Finance, MIS, IT or related field
• Prior responsibilities should include performing SOC 1 and/or SOC 2 audits, and controls reviews along with recommending, designing and advising on applicable IT controls
• Understanding of technical concepts such as cybersecurity, virtualization, data center, cloud computing, and the like
• Have or will obtain a relevant professional designation such as CISA, CISSP, CCSP, CCSK, etc.
• Must be able to interpret and convey audit information to all levels of technical aptitude, including senior management. This includes written and oral communications
• Documentation skills are a must. Ability to articulate, write and present information in a clear and understandable manner and to meet the re-performance standard required for supporting our audit work
• Strong time management, project management and organizational skills with the ability to manage multiple priorities successfully within a deadline-driven environment
• Strong interpersonal skills
• Strong knowledge of Microsoft Office products; particularly Excel and Word
• Demonstrated integrity, maturity, dependability, and a strong work ethic within a professional environment
• The ability to work independently, as a remote employee, and as part of a team