Overview
Director (IT Risk)
USA: Remote | Job Type: Part-Time
About MGO:At MGO, human care comes first. We empower our people to thrive so they can deliver exceptional results for clients shaping culture and industry. As a top CPA and advisory firm with 500+ professionals across the U.S. and India, MGO serves clients in 97 countries and is consistently recognized as a Best Place to Work.
Role Summary:MGO is seeking an experienced IT Risk Director for a part-time, remote role leading IT Internal Audit and Advisory engagements. This individual will serve as a trusted advisor to PCAOB clients, overseeing complex IT risk, compliance, and assurance initiatives while mentoring teams and driving operational excellence. The ideal candidate will bring deep expertise in PCAOB standards, ITGC, SOX, and broader regulatory frameworks, along with a proven track record of success within a professional services environment.
Key Responsibilities:
Oversee IT Internal Audit Advisory services, ensuring engagements meet financial and performance targets
Manage financial audit inquiries and interface with regulatory bodies, including PCAOB
Lead and develop teams conducting IT risk assessments, internal audits, and compliance reviews across diverse industries
Recommend practical internal control solutions that balance risk mitigation with client resources
Negotiate project scope, budgets, and billing for recurring client engagements
Foster a strong team culture through mentorship, coaching, and professional development
Qualifications:
Bachelor’s degree in a relevant field
12+ years of experience in IT risk, internal audit, IT compliance, or information security
Proven expertise delivering ITGC, SOX, and IT audit engagements
Strong knowledge of frameworks such as COSO, COBIT, ISO 27001, ITIL, PCI, HIPAA, GLBA, and FFIEC
Demonstrated experience managing teams and client relationships in a professional services environment
Project management experience, including planning and execution of IT audit engagements
Relevant certification(s) such as CISA, CISSP, CRISC, or equivalent preferred
