Director, Technology Risk Advisory jobs in United States
cer-icon
Apply on Employer Site
company-logo

Highspring (Formerly MorganFranklin Consulting) · 2 weeks ago

Director, Technology Risk Advisory

positionRaleigh, NC
timeFull-time
remoteHybrid
seniorityDirector/Executive
money$181K/yr - $293K/yr
date10+ years exp

Highspring is a consulting firm that provides opportunities for growth and career advancement. The Director of Technology Risk Advisory will shape the strategic direction of the practice, drive business development, and work with clients on projects related to SOX compliance, internal audit, and enterprise risk management.

AccountingConsultingRisk Management
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

You will be responsible for helping to shape the strategic direction of the practice
Drive business development, both by expanding and growing existing accounts and pursuing new client opportunities for the firm
Work with emerging growth companies and established enterprises (both publicly traded and privately held) on a wide variety of projects including Sarbanes-Oxley (“SOX”) readiness and compliance, internal audit, and enterprise risk management (“ERM”)
Assist companies with implementing and assessing the effectiveness of SOX compliance programs, including, but not limited to the following activities:
Conducting risk assessments and system scoping
Conducting walkthroughs and documenting end-to-end technology processes, identifying risks and key controls, using narratives
Documenting and assessing the design and effectiveness of key IT general controls (“ITGC”) and IT application controls (“ITAC”)
Executing testing to validate the operating effectiveness of controls
Evaluating controls deficiencies to determine impact and significance
Identifying and implementing effective and efficient plans to remediate control deficiencies
Summarizing and documenting results of work performed including management reporting
Execute internal audit and IT risk management activities to support our client’s risk management initiatives
Demonstrate subject matter expertise on technology risks and internal control solutions associated with ERP, SaaS, IT infrastructure and cloud platforms
Create and deliver presentations on technical concepts, project work plans, delivery approach, milestones, and results to client stakeholders
Review team progress to ensure compliance with work program, professional standards, budgets, deliverables, and deadlines
Identify, design and implement creative business solutions to continually improve the firm’s services, methodologies and approaches
Leverage firm partnerships and tools to deliver efficient and effective approaches to implement and assess risks relating to information security and change management
Apply subject matter expertise in areas such as data analytics to enhance approaches to internal audits and control assessments
Understand the breadth of services offered by Risk & Regulatory, as well as MorganFranklin holistically, to be able to identify additional opportunities at our clients
Direct and facilitate teams, working with different groups within the organization (technology, accounting, finance, operations)
Manage existing and prospective client relationships with an eye toward identifying and closing on new business opportunities
Lead project teams, share your individual subject matter expertise, and be a primary liaison to our clients
Actively participate in career development activities and technical training of staff
Mentor and develop team members
Establish credibility as a trusted advisor

Qualification

SOX complianceIT risk managementInternal auditERP applicationsRisk assessmentsIT controls frameworksCloud computingData analyticsBusiness developmentTeam leadershipMentoringPresentation skills

Required

10+ years of recent professional services experience (public accounting or advisory firm). 5+ years of professional services experience may be combined with applicable IT risk management and internal controls experience with a Fortune 500 organization to meet the minimum requirement
Bachelor's degree in Business Administration, Accounting, Management Information Systems or a related field
One or more of the following risk related certifications: CPA, CIA, CISA, or CISSP
Demonstrated track record of technical expertise with SOX, IT risk management and internal audit
Subject Matter Expert on select ERP applications such as SAP, NetSuite, Oracle Cloud, PeopleSoft, or Microsoft Dynamics
Detailed understanding of Sarbanes-Oxley (SOX) compliance and PCAOB requirements
Experience implementing and assessing controls over highly automated business processes
Knowledge of IT leading practices to provide clients effective and practical recommendations
Knowledge and application of IT controls and governance frameworks such as SOC 1/2, COBIT, NIST (CSF, 800-53, and 800-171), ITIL and ISO 27001/2
Knowledge of emerging technology risks, including cloud computing, agile development/CICD, cybersecurity, and privacy
Knowledge of best practices for authentication, authorization and change management
Strong foundational knowledge of infrastructure and platforms components such as Windows, Linux, Unix, Active Directory, SQL, MySQL, Open Source, and Oracle
Strong track record of meeting business development targets and developing thought leadership materials
Proven ability to lead, motivate and build teams that deliver services and solutions that surpass client expectations
Ability to lead workshops, including the gathering/documenting of requirements and use-cases and recommendation of envisioned processes
History of developing risk and compliance thought leadership
Experience developing detailed work plans for project activities within scope of application responsibility
Flexibility to travel at least 25%
Due to the unique security requirements for this client portfolio, US Citizenship is required

Preferred

Experience managing up to 15 IT risk projects concurrently
Experience designing and implementing internal controls in conjunction with ERP implementation projects
Experience performing platform security assessments, implementing information security solutions, performing segregation of duties assessments using automated solutions (e.g., Fastpath) and implementing GRC solutions (e.g., Workiva, AuditBoard)

Benefits

Variety of bonus and financial incentives based on individual and company performance

Company

Highspring (Formerly MorganFranklin Consulting)

twittertwittertwitter
Glassdoor3.6
company-logo
MorganFranklin Consulting is now Highspring, a leading global professional services organization with three integrated offerings—Consulting, Managed Services, and Talent Solutions.
dateFounded in 1998
location
Mclean, Virginia, USA
people-size501-1000 employees
web-link
http://morganfranklin.com

Funding

Current Stage
Late Stage
Total Funding
$5.22M
2019-08-06Acquired
2014-06-23Series Unknown· $0.4M
2014-04-17Series Unknown· $4.82M

Leadership Team

leader-logo
Ron Morgan
Founder
linkedin

Recent News

Morningstar.com
DLA, LLC Names Cybersecurity Veteran Alex Islamov to Drive Expansion of its Cyber Practice
2025-08-25
PitchBook
Private equity’s steep path to AI
2025-02-21
PR Newswire
MorganFranklin Consulting Promotes Jeffrey Henry to the Role of President
2025-02-13
Company data provided by crunchbase