Job Description

Work with a nationally ranked CPA and advisory firm that is passionate for what's next. Aprio has 30 U.S. office locations, one in the Philippines and more than 2,100 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio.
Join Aprio's Information Assurance Services team within Risk Advisory and Assurance Services (RAAS) and gain experience and understanding of IT Audit, Cyber Threats and Cybersecurity, and Service Organization Control (SOC) Reporting. Aprio is a progressive, fast-growing firm looking for new colleagues to join their dynamic team as a Senior Associate, Information Assurance Services.

Position Responsibilities:

Aprio’s Information Assurance Services (IAS) practice supports the delivery of attestation and consulting services for multiple clients in data and tech-based industries such as credit reporting and analytics, payment card services, healthcare IT, and cloud services. The business model and methodologies are focused on risk management and adding value to clients in all services provided. Aprio’s IAS group utilizes sound business practices and technical expertise (rather than working off checklists) to enable clients to identify, mitigate, and monitor the most technical risks associated with their technology use.
Client Services:

• Planning and leading client meetings, walk-through reviews of clients control procedures and processes; delivery and presentation of client deliverables
• Developing and leading the performance of, testing of clients’ security, privacy and other information risk management related controls
• Directing the execution of testing of clients’ internal controls, testing of clients’ internal controls and review of internal control testing executed by other team members
• Supporting clients in problem identification and resolution
• Performing assessments and testing against leading information security and privacy standards and frameworks, including ISO 27001, Trust Services Criteria, PCI DSS, NIST CSF, GDPR, HITRUST and others
• Leading and supporting preparation of client reporting deliverables; e.g., gap and risk assessments, SOC reporting, GDPR assessments, ISO 27001 certifications, etc.

Practice Development:

• Collaborating with other team members to streamline internal processes and procedures to improve client service and efficiencies

Sales and Marketing:

• Participate in meetings with new prospects and/or new service opportunities with existing clients
• Support preparation of sales proposals

Team Building:

• Interviewing potential candidates
• Being a mentor and/or coach to other team members
• Support in the development and delivery of training

Qualifications Needed:

• Amenable to work Mid-shift (3:00 PM – 12:00 MN PHT)
• Work Set-up: Remote
• One or more industry relevant certifications or wiliness to obtain relevant certification(s) within two years of employment. Certifications can include: CISA, CRISC, CIPP, CISSP, CISM, QSA, ISO/IEC 27001, or PCI ISA.

Education/Experience

• Undergraduate Degree (required): preferably in MIS/IS or related concentration – minimum 3.3 GPA
  Graduate Degree (preferred): preferably in MIS, IS or Accounting Information Systems
  Relevant work experience (2-4 years)
  Strong communication skills; verbal and written, with the ability to produce excellent written reports and audit documentation


• Commitment to continual learning and development
• Commitment to exceptional client service and creative problem-solving ability with a consultancy mindset
• Flexible, self-starter with the ability to interact with various levels of client and firm management
• Understanding of information technology risks and internal controls
• Ability to write test procedures and execute tests of controls
• Understanding of Service Organization Control, PCI, ISO, HITRUST and/or similar information technology control frameworks
• Ability to manage personal schedule and to lead multiple projects, tasks and deadlines


Project and focus areas within the Information Assurance Services practice include:

• Service Organization Control (SOC) Reporting (e.g., SOC 1 and SOC 2)
• Payment Card Industry Data Security Standard (PCI DSS)
• ISO Standards (e.g., ISO 27001/27002, 22301
• GDPR
• HITRUST
• Risk Assessments
• Risk Management
• Cyber Threats and Cybersecurity
• Agreed Upon Procedures
• Internal Audit Co-Sourcing
• EI3PA

Perks/Benefits we offer for full-time team members:- Wellness program- HMO coverage- Rewards and Recognition program- Free shuttle service (provided by CDC | for onsite employees)- Free lunch meal (For onsite employees)- On-demand learning classes- Discretionary time off and Holidays- Performance-based salary increase- Discretionary incentive compensation based on client or individual performance- Hybrid set up to selected roles/location, terms and conditions may apply- CPA & Certification Assistance and Bonus Program What's in it for you:- Working with an industry leader: Be part of a high-growth firm that is passionate for what's next. - A great team: Work with a high-energy, passionate, caring, and ambitious team of professionals in a collaborative culture. - Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement. - Competitive compensation: You will be rewarded with competitive compensation. EQUAL OPPORTUNITY EMPLOYERAprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.