Job Specifications
Our client is a top financial institution with significant North American holdings. They have operations across most major verticals, including institutional & corporate, wealth management, private client, commercial banking, treasury, and retail banking.
Introduction: Robertson is seeking a skilled IT - Info Security Analyst I to join our clientin support of an existingvacancy.
Contract Period: 3 months
Pay Rate: Starting from $46 per hour
Location: Mount Laurel, NJ
Location Type: Hybrid
Business Hours: Monday-Friday;9:00 AM – 5:00 PM
Job Responsibilities:
Conduct quality assurance reviews and challenge of remediation action plans for internal audit and regulatory findings related to information security and technology controls, working with stakeholders across the three lines of defense to ensure effective risk mitigation and remediation
Assess whether action plans sufficiently address root cause, risk drivers, and control design gaps
Assess remediation evidence for accuracy, completeness, and sustainability
Apply established QA rubrics, control standards, and review methodologies consistently
Identify gaps, weaknesses, or misalignment with policy, standards, and regulatory expectations
Document review results, conclusions, and rationale in a clear, defensible manner
Evaluate information security controls across areas such as access management, change management, vulnerability management, data protection, logging and monitoring, third party risk, etc
Assess residual risk and escalate concerns where remediation effectiveness is insufficient
Maintain accurate records of review activities, decisions, and supporting evidence
Support management reporting and metrics related to remediation quality and status
Engage with technology owners to clarify remediation approaches and evidence
Provide constructive challenge and guidance while maintaining independence
Collaborate with audit, operational risk management, and compliance partners to ensure alignment and consistency
Contribute to continuous improvement projects, leveraging agile / lean continuous improvement practices/methods that demonstrate sustainable and leading-edge solutions (e.g. Artificial Intelligence (AI), Machine Learning (ML), Power BI/Apps, Python, etc.)
Identify emerging themes, understand trends, and provide specialized business management advice to senior management and respective teams while raising industry, external and internal, enterprise and business awareness
Stay apprised on Industry Best Practices as well as the Technology and Information Security Audit and Regulatory environment
Experience & Qualification Requirement:
University degree
5+ years of experience in information security, technology risk, audit and regulatory remediation processes
Expert knowledge of IT Audit and Control methodology, IT Governance Controls and Standards, and associated tools to ascertain the quality and effectiveness of technology remediation plans
Competencies in technology controls, emerging threats, and technology risk disciplines and practices
IT governance experience in various information security methodologies/frameworks (e.g., COBIT 5, NIST, etc.)
Knowledge of IT policies, standards, and technology risk disciplines and practices
Knowledge / Experience in core Agile frameworks such as, Scrum, Kanban, and Extreme Programming to execute Challenge functions as defined by the Agile methodology
Sound understanding of data analytics (collection, analysis, distribution etc.) and complex business processes
Experience with change management methods to evolve technology issue management framework (people/process/technology) specific to Challenge Operation
Experience with Key Performance and Risk Indicators and Technology Risk analytics and reporting, managing and refining business rules and thresholds for Technology controls performance (KPIs) and aggregating risk (KRIs)
Provide support to the development and testing teams to resolve data issues
Excellent verbal and written business communication skills; meticulous documentation
Ability to manage multiple efforts simultaneously and strong organizational skills
Ability to effectively interact with individuals across the organization and at various levels (technical, business, Senior & Executive Management)
Ability to educate colleagues and team members related to Challenge Operation processes/tools
Ability to contribute to / participate in complex technology projects
Understanding of information security control frameworks (e.g., NIST, ISO 27001, CIS)
Experience reviewing control design, implementation, and operating effectiveness
Strong analytical skills with attention to detail and sound professional judgment
Experience supporting 1B, 2LOD, or QA/challenge functions
Experience reviewing remediation evidence and validating control effectiveness
Exposure to GRC tools (e.g., Archer, ServiceNow or similar platforms)
Expert knowledge various technology tools: including JIRA, Confluence, SharePoint, MS Office