Job Specifications
Payrate: $24.00 - $25.00/hr.
Summary:
We are seeking a highly skilled and motivated Technology Internal Controls Testing Analyst to join our dynamic First Line of Defense (FLOD) team. In this role, the candidate will play a crucial part in managing risks across Technology, and Engineering portfolios. As a key member of the Governance, Risk, and Compliance team, and will advocate for controlling lifecycle philosophy by supporting identification, assessment, testing, reporting, and monitoring of technology controls
Responsibilities:
Control lifecycle management, including identifying, assessing, mapping, monitoring, testing, and reporting on controls that align to the Technology Risk Taxonomy.
Understand, apply and promote “Risk as a Lifestyle" philosophy by understanding and adhering to enterprise policies, standards, and governance frameworks for risk and compliance.
Collaborate with business partners to identify and document key controls, ensuring alignment with SLOD and subject matter experts (SMEs) to meet requirements.
Partner with both SLOD and Third Line of Defense (TLOD) teams to streamline and reduce duplicative control testing efforts across all defense lines.
Collaborate with First Line of Defense (FLOD) Issue Management to map Technology Issues with the Technology Risk framework.
Collaborate with stakeholders and external auditors to maintain accurate documentation for the scoping, testing, and remediation of Technology risks and controls across the enterprise.
Support the development of tools and solutions that enhance technology risk management continuously identifying opportunities to improve efficiency.
Support annual Technology Risk Assessments in partnership with risk owners and control owners from FLOD as well as SLOD teams to ensure controls are documented, uplifted, or retired within the system of record.
Ability to understand and communicate complex processes and alignment to policy/regulatory requirements
Adherence to testing schedules to ensure all tasks and reporting are completed within established time frames
Collect and analyze test data from multiple sources, following established testing framework.
Review testing results with the business, addressing gaps and engaging the Technology Issue Management team when applicable to document Issues within the system of record.
Ensure assigned controls are properly written by the Enterprise Risk Management Policy
Ensure the accuracy and completeness of control documentation by performing regular control attestation. This includes verifying that each control is properly designed, documented, and operating effectively in alignment with the Enterprise Risk Management Policy.
Requirements:
2-3 years of experience in IT/Technology/Information Security Internal Audit or Compliance experience with exposure to financial products and services, banking industry, e-commerce or a Big-4 audit environment preferred.
Utilize a deep understanding of risk management methodologies, frameworks, and principles (e.g., SOX, COBIT, NIST, CSA, ITIL, PCI, GDPR, etc.) to evaluate and recommend best approach to mitigating risk with best-in-class controls.
Be able to engage at all levels of the organization to organize, drive and communicate results.
Operate in a fast-paced environment and able to handle several simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
Innovate in the dynamic workplace by designing repeatable, sustainable processes that operationalize the risk management function
Possess strong oral and written communication skills along with refined presentation skills and the ability to work with other departments and varying levels of management, including senior leadership.
Have strong ability to be detail oriented, deadline driven, and organized with minimum direction and possess a high drive for results.
Bachelor’s degree in information management systems
Certifications highly desired (CRISC, CISA, CISSP, CISM, etc.)
Pay Transparency: The typical base pay for this role across the U.S. is: $24.00 - $25.00 /hour. Non-exempt positions are eligible for overtime at a rate of 1.5 times the base hourly rate for all hours worked in excess of 40 in a work week, or as required by state or local law. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience. Full-time employees are eligible to select from different benefits packages. Packages may include medical, dental, and vision benefits, health savings accounts with qualified medical plan enrollment, 10 paid days off, 3 days paid bereavement leave, 401(k) plan participation with employer match, life and disability insurance, commuter benefits, dependent care flexible spending account, accident insurance, critical illness insurance, hospital indemnity insurance, accommodations and reimbursement for work tra