Manager, It Advisory Risk & Assurance

** Please note this is a permanent, full-time Hybrid opportunity **

We are a member firm of the greater Raymond Chabot Grant Thornton & Grant Thornton Canada networks. OXARO Inc. focuses on supporting public sector clients across Canada in advisory and placement services as well as digital solutions. Over recent years, we have been focusing on growing and expanding the value-added services we offer to our Public Sector clients. Through discoveries made during advisory engagements, OXARO Inc. recognized a trending gap in the marketplace to deliver innovative digital solutions. OXARO’s Digital practice seeks to close this gap with the Public Sector through the delivery of modern technology, and services for our clients.

What we're looking for

OXARO Inc. is seeking a Manager, IT Advisory Risk & Assurance to manage and deliver client engagements in line with our guidelines and standards. Conduct fieldwork (remote or at client site) such as walkthroughs, interviews, technical testing, document findings and observations, conduct interviews, etc. The successful candidate will be a team player and plays the role in mentoring and training junior staff. As well as contribute to enhancing OXARO’s IT Advisory, Risk and Assurance service line through market presence and working with senior management on achieving strategic goals.

A day in the life

• Lead and execute client assessments in the following areas:

- IT internal audit

- IT Risk

- Data Governance and Management

- Artificial Intelligence Readiness

- Cloud Security

- Various IT security and Operational Audits

• Maintain knowledge of risk and governance frameworks, regulatory and compliance mandates, and latest industry trends
• Provide ongoing feedback to clients, project team and senior management alike.
• They will Support clients with remediation activities and control verifications.
• Conduct analysis of companies’ internal control structure, performance, sustainability, productivity, and efficiency
• Conduct fieldwork (remote or at client site) such as walkthroughs, interviews, technical testing, document findings and observations, conduct interviews, etc.
• Provide clients with advice and guidance on their security posture, security controls and recommendations for improvement.

Role Requirements:

• Willingness and ability to travel to client sites when necessary.
• Strong understanding and experience with security controls audits or assessments (e.g., SOC 2, ISO 27001, NIST) is preferred.
• Valid secret clearance or ability to obtain as such.
• One of the following designations (completed or working towards): CPA, CISSP, CISA, CISM, CRISC, ISO27001 Lead Auditor.
• Experience in ITGCs, ITACs, cyber security, project risk, security governance, Cloud, data governance, application security, IT business continuity management, etc.
• A strong IT background is preferred.
• 3 to 7 years of experience in deploying, assessing, or managing information technology risk with combined relevant experience in IT auditing, risk management methodologies, information security, and readiness assessments.
• Excellent interpersonal and communication skills
• Ability to work independently with little supervision in a fast-paced environment.
• Independent thinker with keen attention to details and strong organization and analytical skills.
• Knowledge and experience with business and technology frameworks/standards such as NIST CSF, ISO 27001, ITIL, COBIT, COSO, SOX, SOC1/2, PCI, GDPR etc.
• Bachelor's degree required in one of these disciplines: accounting, business, finance, economics, computer science, engineering, or other relevant degree.

Only candidates being considered will be contacted.

OXARO Inc. is an equal opportunity employer. We welcome and encourage applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.