As a Control Validation Testing analyst, your role on the team will include leveraging your knowledge of industry best practices, people and problem-solving skills to ensure regulatory (e.g., SOX, Sarbanes Oxley) and non-regulatory (e.g., Company Policy and standards) compliance functions are properly executed.
You must be passionate about control testing practices and compliance, as you’ll need a good working knowledge of industry best practice frameworks, such as ISO, NIST and CoBIT and controls testing methodologies. You will regularly meet with business and technology teams across Client to test new and existing controls for their compliance to the requirements. You will work cross-functionally within the Corporate Information Security (CIS) teams and across Client for information security compliance operations.
We're looking for someone who has clearly demonstrated skills and experience, since your responsibilities will include, but not be limited to:
•Consult on control design and control operations related in support of compliance requirements.
•Understand the relationship between information security policies, standards, procedures, and controls as they pertain to the delivery and maintenance of quality systems so that you can effectively advocate information security rationale to business stakeholders.
3 + years of IT Audit, internal Audit, and/or IT compliance history
•Knowledge of information security principles, frameworks, and best practices (e.g., PCI DSS, COBIT, COSO, NIST and ISO 27000).
•Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to others within Client, Inc. both at WHQ and globally.
•Proven experience identifying solutions for complex problems in enterprise environments.
•Excellent analytical and problem-solving skills.
•Current on information security technologies, trends, standards, and best practices.
•Strong business acumen to quickly learn new business processes and understand how the SOX ITGC’s support the business in achieving annual compliance.
•2-3 years audit experience
Bachelor's degree in Business Information Management, Information Security, Computer Science, Finance, or Accounting.
•CISA, CRISC, CISSP, or CISM certifications are beneficial.