Embrace what’s next.
Create new possibilities.

Job Purpose and Impact

The Controls Testing Specialist will lead and execute testing engagements of IT controls within different technology control domains. In this role, you will consult with business relationship managers, project managers and other key stakeholders to ensure a coordinated approach to monitoring effectiveness of control design and implementation across the organization.

Key Accountabilities

• Participate in the development and execution of assurance processes to ensure appropriate process, procedures and controls are adequately designed, implemented or remediated to meet compliance expectations, efficiency, sustainability goals and business objectives.
• Test the design and operational effectiveness of existing controls and recommend improvements to align with evolving regulatory and business needs.
• Write reports with identified findings and provide recommendations.
• Perform testing engagements including closure within the planned timelines.
• Consult, validate and monitor the implementation of remediation activities as result of testing findings and other identifications of non-compliance.
• Collaborate with risk analysts across all areas of the business on common risks to achieve optimization and coordination of remediation activities.
• Maintain and manage assurance documentation and records.
• Independently solve moderately complex issues with minimal supervision, while escalating more complex issues to appropriate staff.

Qualifications

MINIMUM QUALIFICATION

• Bachelor’s degree in IT or CA with IT audit experience. Professional certifications such as CISA, CRISC will be a plus.
• Strong knowledge of regulatory requirements and compliance standards, such as COSO - SOX, SWIFT, NIST, ISO, COBIT and CIS
• Knowledge and understanding of Technical Security controls at Network, Server and Application layers
• Excellent report writing and presentation skills

PREFERRED PRIOR EXPERIENCES 

• 5+ years of experience in Audits or Controls Testing or Risk assessment services of IT infrastructure, Applications, IT processes, Business Continuity and Governance.
• Experience in the implementation of risk remediation activities internally and for external stakeholders
• Hands-on experience in Test of design controls and Test of operating effectiveness review of IT operational controls.
• Ability to ensure compliance with risk and security or regulatory policies, standards, procedures and guidelines.
• Ability to define issues, collect data, establish facts and draw valid conclusions.
• Respond to and assist with consultation for low complexity risk and security matters.