Lead - IT Controls Testing

Conduct technical and procedural control testing across various security domains, such as access management, Change Management, Disaster Recovery, BCP, IT operations, network security, vulnerability management, incident response, logging & monitoring, and Endpoint security to ensure robust protection. Collaborate in planning, executing, and reporting on cybersecurity compliance testing, working closely with control owners and cross-functional business teams. Identify areas where controls may be weak, missing, or where new security risks are emerging. Monitor the progress of remediation efforts and validate the closure of identified issues. Carry out both manual and automated tests to verify compliance with internal security standards and external regulations. Evaluate controls against industry frameworks such as NIST 800-53, NIST CSF, ISO 27001, CIS Controls, SOX ITGC, and PCI-DSS. Drives strategic planning and execution by influencing stakeholders, contributing to strategic initiatives, and leveraging emerging trends to inform decisions across business and enterprise contexts. (Strategic & Planning initiatives) Builds and aligns strong relationships with internal and external stakeholders to ensure coordinated delivery and shared objectives. (Stakeholder Management) Leads communication planning and change management by creating tailored messaging, selecting appropriate channels, and supporting execution and sustainment activities. (Communication & Change) Provides analytical and consulting support by transforming data into actionable insights, diagnosing root causes, and solving problems within governance frameworks. (Analytics & Problem-Solving) Leads and executes end-to-end testing programs, ensuring accuracy, timeliness, and high-quality delivery aligned with business strategies and service standards. (Testing & Quality assurance) Creates and maintains adequate testing support documentation such as workpapers, testing reports, etc. to support the results of reviews including the write-up of findings/issues for reporting. (Documentation & Reporting) Provides advice and guidance on control effectiveness, program compliance and issue descriptions (Governance & Controls) Maintaining deep knowledge of business processes and Cyber controls while supporting continuous improvement initiatives. (Knowledge & Continuous Improvement) Operates independently, managing non-routine situations and adapting to broader accountabilities as required. (Work Characteristics)