Associate - IT risk /IT Controls Testing & Assurance

Role & responsibilities

Experienced IT Risk and Control , IT audit and assurance, cyber security in cloud space is mandatory.

• Perform Control Testing in line with Control Testing methodology/minimum standard
• Identify control deficiencies (findings), risks related to elements of controls, participate in findings agreement with stakeholders, escalate potential issues and exception items noted during the testing to senior management for discussion and further investigation, if deemed necessary
• Prepare Control Testing workpapers for senior management detailing testing results, document findings with highest quality
• Track Control Testing identified findings, perform required follow-up on open findings
• Consider regulatory and internal firm policy requirements as well as established best practices for control assurance.
• Support controls assurance activities
• Support in monitoring Control testing teams adherence to Control Testing methodology/minimum standards
• Support, contribute in managing Control Testing vendor resources, where applicable
• Track testing related effort/budget Plan Vs. Actuals throughout the testing lifecycle
• Build and maintain solid working relationships with key stakeholders such as within the DCO, IDCO, TSCO, GTI and other Testing Teams including Divisions/sub-divisions, 2 LoD and Group Audit (GA)

Preferred candidate profile

Experienced IT Risk and Control , IT audit and assurance, cyber security in cloud space is mandatory.

• University degree preferably in Computer Science, Mathematics, Engineering or a related subject or equivalent qualification in the areas of information security.
• Professional/industry recognized qualifications e.g., CISA, CISSP, CISM, CRISC are beneficial.
• Experience in Cloud Security audit/testing, GCP (Google Cloud Platforms) or Professional/industry recognized qualifications e.g., CCSP, CCSK will be an advantage
• Good knowledge of auditing IT application controls, e.g., from IT audits or IT risk management.
• Understanding of the relationship between IT risk and underlying business process risk.
• Knowledge of regulations governing financial institutions is beneficial.
• Strong written and verbal communication skills and the ability to communicate effectively in conflict situations.
• Strong organizational skills and attention to detail.
• Ability to work under pressure, multi-task and prioritize workload.
• Strong analytical skills and structured thought process with the ability to clearly articulate control deficiencies and related risk
• Flexible, proactive, and innovative mind set with strong organizational skills to take ownership and responsibility for agreed targets and to meet them within budget to enable a timely and efficient completion of projects.
• This is an IC (individual contributor) role.

Perks and benefits

• Training and development to help you excel in your career
• Flexible working to assist you balance your personal priorities
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs