Introduction:

Our Client in the Asset Management space is currently embarking on a multi-year project to obtain its SOC 2 Type II certification and is looking for an IT Consultant Lead to perform an integral role in the execution of this project. The consultant will play both a tactical hands-on role as well as a strategic one and will provide thought leadership and subject matter expertise related to IT processes, controls, applications, and existing/emerging risks. In addition, the consultant will develop and grow exceptional relationships with internal and external stakeholders.

Major Areas of Responsibilities:
• Lead the IT General Controls (ITGC) Program and develop the program strategy from an IT perspective
• Provide subject matter expertise and thought leadership to ensure IMCO’s IT and Data environments meet
• SOC2 certification
• Working with the external auditors, assist IT’s senior leadership team with identifying the scope of work required
• Prepare documentation to... support the control system descriptions, processes, and other necessary documentation to meet audit requirements and client deliverables
• Design, set up and document processes/plans to remediate/improve/enhance the control environment
• Lead project management of the SOC2 project (i.e., plan, manage activities, testing status, deficiency tracking, risk/issue identification, reporting for senior leadership team, etc.)
• Understand and review IT and business processes (including key systems) and the related control environment to assess risk and support ongoing risk monitoring
• Effectively partner and build trust and credibility with IT and business owners
• Support process/control owners in key internal control design/identification that is effective and drives value to the business
• Manage the process, and where required, review SOC reports from key outsourced service providers.
• After the inaugural SOC2 Type II report is established and in conjunction with the external auditor, develop and/or enhance the program methodology, framework, and testing approach
• Manage and facilitate the SOC (Service Organization Control) report process for IT
• Propose appropriate internal control test strategies driving effectiveness and efficiencies
• Perform Quality Assurance (QA) procedures, as required

To be successful in this role, you will possess:
• 10+ years experience dealing with IT controls (SOC1, SOC2)
• Experience with IT General Controls (ITGCs)
• Previous experience setting up control environments to support SOC2 certification
• CPA, CISA or CIA Designations are accepted (nice to have)
• Strong knowledge and experience with NI 52-109
• Strong experience and interest for how technology and financial systems can support internal control effectiveness and efficiency
• Able to adapt to a growing/changing environment and take a practical approach by wearing many hats of advisory, thought leadership, execution and project management
• Strong analytical skills – includes the ability to spot, assess and address risk, materiality and interdependencies and translate it into impact analysis and recommendations for improvement.
• Strong communication skills – presenting internal control and risk matters in an understandable way across various forums and levels of the organization with the right level of detail. Excellent written and oral English communication skills
• Strong interpersonal skills with the ability to interact with colleagues at all levels and cultivate key partnerships to work collaboratively with internal and external stakeholders as well as third-party service providers
Toronto ON

Salary Criteria