Senior Associate 1

This role requires strong subject-matter expertise in IT General Controls (ITGCs) and IT Application Controls (ITACs), with the ability to review complex control testing across major ERP systems like SAP, Oracle, and Workday. You will need a thorough understanding of SOC 1, SOC 2, SOC 2+ (HITRUST), and SSAE 18 attestation standards, including trust services criteria, testing methodologies, and reporting expectations.

You will perform independent quality reviews of IT testing work delivered by GTA teams, evaluating whether risk assessments, IT audits, and control testing align with KPMG US Audit Methodology and professional standards. The role involves assessing complex issues, conducting root-cause analysis, and providing technically sound solutions while escalating high-risk matters appropriately.

You will provide clear, constructive feedback to improve documentation quality and audit execution, govern stakeholder feedback processes, and stay current on Professional Practice Letters (PPLs). Additionally, you will contribute to automation and tooling initiatives, support practice-level quality improvements through best-practice sharing, and provide ongoing coaching and guidance to junior team members.

Experience evaluating risks across various IT platforms including ERPs, UNIX/Linux, Windows, Mainframe, iSeries (AS400), SQL, Sybase, Oracle, DB2, and popular cloud-hosted solutions is required. A strong understanding of different industry sectors and business contexts is essential.