Technology Risk Senior Associate

Role Overview

We are seeking a highly skilled Technology Risk Senior Associate with hands-on experience in System Testing, Post-Implementation Reviews (PIRs), and IT Governance. In this role, you will evaluate the design and effectiveness of IT controls, assess risks associated with system implementations, and contribute to strengthening governance frameworks across a variety of industries and client environments.

Key Responsibilities

1. System Testing & IT Controls

• Lead or support testing of IT General Controls (ITGCs) and automated controls across ERP and financial systems (e.g., SAP, Oracle, Microsoft Dynamics).
• Design and execute test plans for system configurations, data integrity, change management, and user access management.
• Document test results, identify control deficiencies, and assess risk implications in line with internal audit and assurance standards.

2. Post-Implementation Reviews (PIRs)

• Evaluate recently implemented systems for security, performance, data migration accuracy, and business continuity planning.
• Assess whether implementation objectives were met and whether the resulting control environment supports compliance and operational goals.
• Develop recommendations to optimize system effectiveness and control design.

3. IT Governance & Risk Management

• Review IT governance practices and policies for alignment with industry standards such as COBIT, ISO 27001, and NIST.
• Conduct IT risk assessments and control gap analyses to support internal audit plans, SOX, or ICFR programs.

Contribute to assessments of IT strategic alignment, vendor risk management, data governance, and cybersecurity posture.

Preferred Qualifications

Certifications:

• CISA, CISM, ISO 27001 Lead Auditor, or COBIT Foundation/Practitioner (preferred)

Experience:

• 2–4 years of experience in IT audit, technology risk advisory, or IT governance, with exposure to post-implementation reviews and SDLC audits.

Technical Exposure:

• Familiarity with ERP platforms (SAP, Oracle, Microsoft Dynamics), cloud environments, and standard IT control frameworks.