Functional role: 2LOD R&C
Work Location : Remote work but need to be near Charlotte, NYC, or LA
Duration: potential for CTH
Overview of project/skills required: Focus on control testing (i.e., Test of Design, Test of Implementation (Test of 1) and Test of Operating Effectiveness ) and not on broader IT risk concepts (i.e., actually creating & designing controls, implementing frameworks, etc.). Everyone has a lot of experience across IT Audit which is great, but IT Audit or Risk with a heavier lean on IT control testing should get us closer to the rate we need on final role to fill.
Skillset:
• Mandatory to have IT audit or IT risk management background in the 1st/2nd/or 3rd line of defense
• Must have experience testing or challenging a broad set of IT control design and effectiveness (not just ITGCs). Examples include but not limited to:
• Configuration
• Network Security
• Vulnerability Management
• IT Asset Management
• End of Life
• Tech lifecycle
• Hardware & software management
• Ops Resilience
• Business continuity
• Mandatory to have done this at a financial services institution
• Mandatory to thoroughly understand the concepts and be well versed in Test of Design, Test of 1, Test of Implementation, Test of Operating Effectiveness
• We will be operating in the 2LOD in an IT Operational Risk Management function.
• Our primary work products are:
• Challenging the quality of completed IT control testing both in Design and Operating Effectiveness
• Challenging the Risk and Control inventory as aligned to enterprise control drafting standards
• Ensuring procedural alignment to control activities
• Attending walkthroughs of controls and asking questions to understand the way the control is designed and operating currently
• Documenting detailed reporting on your progress multiple times a day in status tracking
• Adhering to a standard review framework (we would train to that review framework but the requisite skills above are necessary for comprehension)
Apply Now
Apply Now