Assistant Vice President – Controls Testing & Assurance, ORM IT & IS Testing
United States
Full Time
1 day ago
$75,000 - $119,500 USD
H1B Sponsor
Key skills
CloudCyber SecuritySDLCRisk ManagementCollaboration
About this role
Role Overview
- Support planning and execution of ORM IT & Information Security (IS) risk oversight testing projects across all areas of CT&A under the direction of the ORM IT&IS Team Lead
- Evaluate technology control testing in accordance with regulatory standards, internal firm policies, and industry best practices
- Partner with the ORM IT & IS Team Lead and CT&A stakeholders to create a review work plan based on annual risk assessment findings
- Assess IT and Information Security operational risks, identify root causes, implement remediation plans, and escalate critical issues or exceptions to senior management for review and follow-up
- Support the preparation of reports to senior management detailing review findings and recommendations
- Report periodically on major activities completed and planned for the upcoming period
- Ensure all findings and recommendations are recorded in CT&A’s issue tracker, and follow up on open issues to ensure proper resolution
- Develop and maintain strong relationships with key stakeholders, including the Technology Testing Team, CT&A (e.g., business testing teams), Compliance, AFC, Business Divisional Control Officers, the Technology, Data and Innovation Group (TDI), and Group Audit
Requirements
- Bachelor’s degree in computer science, Mathematics, Engineering, or a related field, or equivalent deep expertise in information security
- Professional certifications such as CISA, CISSP, CISM, or CRISC
- Familiarity with ITIL 4, COBIT5, or ISO 27001 is a plus
- Experience in project or process/quality management, with solid knowledge of auditing IT application controls (e.g., through IT audits or IT risk management)
- Deep understanding of how IT and Information Security risks relate to business process risks, especially in regulated financial institutions
- Hands-on technical experience in IT operations plus expertise in at least one area: cybersecurity, infrastructure, SDLC, cloud engineering, or similar
- Familiarity with ITIL 4, COBIT5, or ISO 27001 is a plus
Tech Stack
- Cloud
- Cyber Security
- SDLC
Benefits
- A diverse and inclusive environment that embraces change, innovation, and collaboration
- A hybrid working model, allowing for in-office / work from home flexibility
- Generous vacation, personal and volunteer days
- Employee Resource Groups support an inclusive workplace for everyone and promote community engagement
- Competitive compensation packages including health and wellbeing benefits, retirement savings plans, parental leave, and family building benefits
- Educational resources, matching gift and volunteer programs