Assurance Associate, Third Party Attestation - Summer 2025 (Denver)
BDO USA
BDO delivers assurance, tax, and financial advisory services that are tailored to our clients' industry, unique needs and goals.
The Assurance Associate, Third Party Attestation will be responsible for the preparation of third-party attestation reports, including System and Organization Controls (SOC) 1, SOC 2, SOC 3, SOC for Cybersecurity and WebTrust for CAs, as well as HITRUST, SSPA, ISO, MRC and CSA STAR applying most areas of the governing standard as necessary and documenting, validating, testing, and assessing various control systems, including internal controls.
Job Duties:
- Identifying and considering all applicable policies, laws, rules, and regulations of the firm, regulators, or other authoritative bodies as part of engagement team
- Making constructive suggestions to improve client internal control procedures
- Documenting and validating the operating effectiveness of the clients’ internal control system
- Documenting business and IT processes and controls and tests key controls for service organizations in a variety of industries
- Identifying and prioritizing key risks, and assessing their impact and likelihood of occurrence
- Communicating to the client areas to improve processes, strengthen controls, mitigate risks, and/or increase efficiency
- Developing and maintaining relationships with client personnel and management
- Ensuring technology is appropriately integrated into the examination process
GAAS:
- Developing and applying an intermediate knowledge of auditing theory, a sense of audit skepticism, and the use of BDO audit manuals
- Applying auditing theory to various client situations
- Documenting working papers and attestation reports in line with BDO policy
- Identifying instances where testing may be reduced or expanded
- Contributing ideas/opinions to the engagement team
Methodology:
- Completing all appropriate documentation of BDO work papers
- Ensuring assigned work is performed in accordance with BDO methodology and requirements
Research:
- Researching basic and intermediate topics and forming an initial opinion on the treatment independently
Training:
- Attend professional development and training sessions on a regular basis
- Complete required CPE hours to maintain applicable certifications
Qualifications, Knowledge, Skills and Abilities:
Education:
- Bachelor’s degree in Accounting, Computer Science, Management Information Systems, Finance, Economics, Business Administration, Managerial Marketing and Entrepreneurship with a concentration in any of the previous areas noted, required
- Master’s degree in Accounting, and minor or dual major in Information Systems or other relevant advanced degree, preferred
Experience:
- Less than one (1) year of prior experience in IT, internal or external audit or relevant industry experience, required
- Experience performing SOC, WebTrust, HITRUST, SOX, ISO 27001 and security/privacy advisory engagements, preferred
- Prior internship or experience working within a public accounting or internal auditing environment, preferred
License/Certifications:
- One or more of the following certifications are preferred:
- Certified Public Accountant (CPA)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- ISO 27001 Lead Auditor certification
- HITRUST Certified Common Security Framework Professional (CCSFP)
- Certified Internal Auditor (CIA)
- Certified Information Security Manager (CISM)
- Certified Ethical Hacker (C | EH)
- Certified in Risk and Information Systems Control (CRISC)
- Certified in the Governance of Enterprise IT (CGEIT)
Software:
- Proficiency in Microsoft Office Suite, specifically Word, Excel, and PowerPoint, required
Other Preferred Knowledge, Skills & Abilities:
- Strong written and verbal communication skills
- Ability to follow instructions as directed
- Ability to work effectively in a team setting
- Ability to travel as necessary
- Takes appropriate actions without being asked
- Basic understanding of the planning and coordination stages of an audit preferred
- Ability to successfully interact with professionals at all levels
#J-18808-Ljbffr
