ISG

• Manage IT audit and assurance engagements, including SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, HITRUST, HIPAA, and other compliance assessments. • Collaborate with senior team members and Partners on risk assessments, audit planning, and reporting. • Lead day-to-day engagement activities, providing guidance, oversight, and feedback to staff and seniors. • Build and maintain client relationships through proactive communication and high-quality service delivery. • Oversee evaluation of IT control design and operational effectiveness. • Identify and clearly communicate audit findings and remediation recommendations to clients. • Participate in client meetings and ensure a positive client experience throughout the engagement lifecycle. • Support continuous improvement of assurance methodologies, tools, and documentation standards. • Ensure work is performed in compliance with quality control and professional standards. • Assist in training and mentoring team members to support skill development and career growth. • Provide weekly status updates to management, including progress tracking and issue escalation. • Demonstrate professionalism, integrity, and ethical behavior in all activities. • Stay current with regulatory changes, industry standards, and IT audit best practices. • Proactively raise potential engagement or client issues with firm leadership. • Participate in business development efforts, including proposal support and client presentations. • Take on special projects assigned by the partner group as needed.

• The PCI-QSA Senior Consultant is responsible for executing PCI DSS compliance assessments and audits, ensuring that client environments meet applicable security standards. • This role combines technical expertise, audit execution, and client advisory to identify risks, assess controls, and support organizations in achieving and maintaining compliance. • Perform PCI DSS assessments, including on-site and remote audits. • Evaluate the design and operating effectiveness of security controls. • Review client documentation, systems, and processes for compliance readiness. • Document audit procedures, findings, and recommendations. • Identify compliance gaps and provide remediation guidance. • Prepare clear and structured audit reports and deliverables. • Maintain regular communication with clients throughout engagements. • Ensure adherence to internal quality standards and audit methodologies. • Support clients in understanding compliance requirements and next steps. • Stay current with PCI DSS standards and evolving security practices.

• Perform the day-to-day activities of IT audit engagements (SOC 1, SOC 2, HIPAA) and readiness assessments under the direction of a management team member. • Evaluate the design and effectiveness of technology controls • Identifies and communicates IT audit findings to management • Help identify performance improvement opportunities for assigned clients • Communicate effectively with the clients and team members • Lead client meetings and foster client relationships through proactive communication • Provide weekly status reports to management • Proactively communicate to management regarding any potential issues

• The role of Manager includes the execution of client engagements and internal activities related to SOC 1, SOC 2, and SOC 3 examinations, HIPAA assessments, and external audits of other security and privacy frameworks/standards. • Auditing services related to security, compliance, and attestation services. • Executes the day-to-day activities of IT audit engagements (SOC 1, SOC 2, SOC 3, SOC for cybersecurity) • Evaluate the design and effectiveness of technology controls. • Identifies and communicates IT audit findings to management. • Help identify performance improvement opportunities for assigned clients. • Communicate effectively with the clients and team members. • Participate in client meetings and foster client relationships through proactive communication. • Supervise and provide performance management for IT audit staff working on assigned engagements. • Provide weekly status reports to management. • Proactively communicate to management regarding any potential issues • Train staff in the IT audit team

• Auditing services related to security, compliance, and attestation services. • Executes the day-to-day activities of IT audit engagements (SOC 1, SOC 2, SOC 3, SOC for cybersecurity). • Evaluate the design and effectiveness of technology controls. • Identifies and communicates IT audit findings to management. • Help identify performance improvement opportunities for assigned clients. • Communicate effectively with the clients and team members. • Participate in client meetings and foster client relationships through proactive communication. • Supervise and provide performance management for IT audit staff working on assigned engagements. • Provide weekly status reports to management. • Proactively communicate to management regarding any potential issues. • Train staff in the IT audit team

• The role of Manager includes the execution of client engagements and internal activities related to SOC 1, SOC 2, and SOC 3 examinations, HIPAA assessments, and external audits of other security and privacy frameworks/standards. • Auditing services related to security, compliance, and attestation services. • Executes the day-to-day activities of IT audit engagements (SOC 1, SOC 2, SOC 3, SOC for cybersecurity). • Evaluate the design and effectiveness of technology controls. • Identifies and communicates IT audit findings to management. • Help identify performance improvement opportunities for assigned clients. • Communicate effectively with the clients and team members. • Participate in client meetings and foster client relationships through proactive communication. • Supervise and provide performance management for IT audit staff working on assigned engagements. • Provide weekly status reports to management. • Proactively communicate to management regarding any potential issues. • Train staff in the IT audit team.

• Perform the day-to-day activities of IT audit engagements (SOC 1, SOC 2, HIPAA), and readiness assessments under the direction of a member of the management team. • Evaluate the design and effectiveness of technology controls • Identifies and communicates IT audit findings to management • Help identify performance improvement opportunities for assigned clients • Communicate effectively with the clients and team members • Lead client meetings and foster client relationships through proactive communication • Provide weekly status reports to management • Proactively communicate to management regarding any potential issues

• Serve as the primary point of contact for clients and develop strong relationships with key stakeholders • Understand clients' business objectives and help them achieve their goals by providing expert guidance and advice • Conduct regular check-ins with clients to help them get ready for their compliance audit engagements • Be able to identify needs for additional services • Work closely with internal teams to ensure the timely delivery of services to clients • Proactively identify and address client concerns and issues, and develop solutions to improve their experience • Ensure clients are satisfied with our services, and identify opportunities for upselling

• Serve as the primary point of contact for clients and develop strong relationships with key stakeholders • Understand clients' business objectives and help them achieve their goals by providing expert guidance and advice • Conduct regular check-ins with clients to help them get ready for their compliance audit engagements • Be able to identify needs for additional services • Work closely with internal teams to ensure the timely delivery of services to clients • Proactively identify and address client concerns and issues, and develop solutions to improve their experience • Ensure clients are satisfied with our services, and identify opportunities for upselling

• Serve as the primary point of contact for clients and develop strong relationships with key stakeholders • Understand clients' business objectives and help them achieve their goals by providing expert guidance and advice • Conduct regular check-ins with clients to help them get ready for their compliance audit engagements • Be able to identify needs for additional services • Work closely with internal teams to ensure the timely delivery of services to clients • Proactively identify and address client concerns and issues, and develop solutions to improve their experience • Ensure clients are satisfied with our services, and identify opportunities for upselling