IT Control Tester

About The Position

Requirements

• 3 years of IT controls testing experience (preferably ITGC, Cybersecurity and Cloud Platforms etc..)
• OR 3 years experience in operational controls testing (preferably in areas such as Capital Markets, Fraud , Wealth Management and Personal Banking)
• Strong understanding of IT risk and control frameworks (e.g., COBIT, ITIL, ISO 27001, COSO, NIST, PCI DSS).
• Verbal & written communication skills - In-depth.
• Collaboration & team skills - In-depth.
• Analytical and problem solving skills - In-depth.
• Influence skills - In-depth.
• Data driven decision making - In-depth.

Nice To Haves

• Certifications such as CISA, CISM, CISSP, or CPA are considered an asset.
• Former knowledge and/or experience within Enterprise Operations or other functional areas (Capital Markets, Wealth Management etc.) at any financial institution.
• Good understanding of key risks and control principles for operations environments including operational risk, regulatory compliance/AML risk, reputational risk and processing and execution risk.

Responsibilities

• Perform technical and procedural control testing across various security domains, including access management, change management, disaster recovery, BCP, IT operations, network security, vulnerability management, incident response, logging & monitoring, and endpoint security.
• Support the execution of compliance testing activities by working with control owners and cross-functional teams to gather evidence and validate controls.
• Identify and document control gaps, weaknesses, or emerging risks observed during testing activities.
• Track remediation activities and assist in validating the closure of identified issues.
• Execute manual and automated testing procedures to assess compliance with internal security standards and external regulatory requirements.
• Assess controls against established frameworks such as NIST 800-53, NIST CSF, ISO 27001, CIS Controls, SOX ITGC, and PCI-DSS.
• Contribute to strategic initiatives by providing testing insights, highlighting trends, and supporting decision-making through findings.
• Collaborate with stakeholders to ensure timely completion of testing activities and alignment on requirements and expectations.
• Support communication activities by preparing updates, documenting findings, and assisting in conveying results to relevant stakeholders.
• Analyze test results, identify root causes of issues, and provide input to help resolve control deficiencies.
• Execute assigned testing tasks end-to-end with a focus on accuracy, timeliness, and adherence to quality standards.
• Prepare and maintain testing documentation, including workpapers, evidence logs, and reports to support audit conclusions and findings.
• Provide input on control effectiveness and assist in documenting observations and issue descriptions.
• Maintain knowledge of business processes and cybersecurity controls while contributing to continuous improvement efforts.
• Work independently on assigned tasks, following established procedures and adapting to changing priorities as needed.

Benefits

• health insurance
• tuition reimbursement
• accident and life insurance
• retirement savings plans