Technology Control Testing Specialist

Information Technology

Job Overview

Job title: Technology Control Testing Specialist

Job description: Technology Control Testing Specialist

Duration: 12 months

Location: Remote/Montreal once work on site resumes

Team Profile

As part of a team, you will be responsible for Testing and Assessment function focused on assessing design suitability and testing operating effectiveness of key controls as well as compliance with Technology, Information Security, and Cybersecurity Policies. This program operates within the global framework, regulatory and industry best practice, while partnering with various stakeholders to ensure that objectives of the relevant programs are met.

Responsibilities: * Using the company’s Risk and Control Framework (RCF), identify the corresponding controls in place at E*TRADE

  • Plan, oversee, and review the execution of detailed inspection/sample-based testing of compliance to RCF controls
  • Provide regular management reporting on progress
  • Build strong positive relationships with the E*TRADE Information Security / Risk community, Internal Audit, Operational Risk Department, and Risk Officers.
  • Deliver program specific communications to stakeholders on risk and control related matters e.g. technology and information security governance forums
  • Present results to stakeholders, senior management and other relevant parties
  • Prepare documentation of identified risks and issues for reporting in centralized issue / risk tracking applications

Required Skills: * Working knowledge of key Technology and Information Security concepts e.g. data classification, protection, policies, governance, privacy, security assessment tools

  • Understanding of key concepts related to risk assessment, controls and testing
  • Working knowledge of technology applications and infrastructure (e.g., server, network, platform desktop environment) and ability to identify and validate risk and controls
  • Understanding of relevant local technology risk regulations and the associated application to a financial services business
  • A minimum of 5 years of relevant risk experience from roles in any of the following:
  • Audit (internal or external)
  • Risk Officer / Information Security Officer
  • Technology Risk Governance
  • Risk Assessment (e.g., RCSA)
  • Control Testing (e.g., SOX)
  • Information Security / IT Security (e.g., Entitlements Management, Segregation of Duties, Threat Management, Penetration Testing, Strategy)
  • Regulatory (e.g., working as a financial services regulator or having experience dealing with regulators)
  • Technology / Information Security Policy / Procedures
  • Process/Risk/Control Frameworks, e.g., COBIT

Nice to Have: * Certified Information Systems Auditor (CISA)

  • Certified in Governance for Enterprise IT (CGEIT)
  • Certified Internal Auditor
  • Certified Information Security Manager (CISM)
  • Certified Information Security Professional (CISP)
  • Certified in Risk and Information Systems Control (CRISC)
  • ISO 27001 Auditor

Company: Modis

Expected salary:

Location: Montreal, QC

Job date: Thu, 20 May 2021 02:02:31 GMT

Apply for this job
Share:

A job board that helps you to get the right job based on your skills and experience.

T&C

Terms & Conditions

Contact Us

info@firstnationswork.com