Sr. Control Tester (InfoSec, Risk, Audit)
- Recruiter
- Insight Global
- Location
- Dallas, Texas, United States
- Salary
- Competitive salary
- Posted
- 22 Jun 2021
- Closes
- 23 Jun 2021
- Ref
- DAL-450773
- Job role
- Audit, Compliance/risk
The Sr. Associate, Business Control & Risk Management operates within the First Line of Defense to execute the Enterprise Risk Framework - ensuring compliance with Regulations, Heightened Standards, and Corporate Policy. The Sr. Associate will help champion the Business Control mandate acting as a critical partner guiding stakeholders to embed risk management practices in the 1st line. The Sr. Associate serves as a subject matter expert by advising and guiding enterprise wide initiative such as risk assessments, KPI development, remediation of issues. Evaluations require collaboration with various stakeholders while influencing parties towards strategic goals.
Minimum Requirements
5+ years of Risk Management, Internal Controls, Auditing, Information
Security experience and/or legal or regulatory experience.
Prior experience with Cyber-risk assessment / Cyber security
assessment / Penetration testing / Network Devices (firewalls/IDS-
IPDS) / Tools (Firemon/Qualys/Solarwinds) / Cloud Technology (AWS)
Develop and document test procedures and/or document
recommendations for test plan modifications that improve validation
of control objectives. Test procedure development may cover a wide
range of technically diverse topics ranging from IP Network Discovery,
access management, network security/operation, vulnerability
management, Information Security, SDLC, Backup and others.
Solid knowledge and understanding of at least few of technology
areas across municipal technology platforms including Windows,
LINUX, Network and IT Operations, and Virtualization to assess and
test technology/info sec controls. (Must be knowledgeable in at least
few of these areas).
Data analysis skills and ability to develop scripts to gather data
required for control testing/assessment. Automate Testing procedure
where possible
Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level testing. Obtain, review, and interpret evidence provided to validate controls are performed effectively and identify vulnerabilities, gaps, or control deficiencies. Identify risks associated with control failures and supports the identification of mitigating controls.
Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations.
Ability to accurately document control testing results in sufficient details.
Minimum Requirements
5+ years of Risk Management, Internal Controls, Auditing, Information
Security experience and/or legal or regulatory experience.
Prior experience with Cyber-risk assessment / Cyber security
assessment / Penetration testing / Network Devices (firewalls/IDS-
IPDS) / Tools (Firemon/Qualys/Solarwinds) / Cloud Technology (AWS)
Develop and document test procedures and/or document
recommendations for test plan modifications that improve validation
of control objectives. Test procedure development may cover a wide
range of technically diverse topics ranging from IP Network Discovery,
access management, network security/operation, vulnerability
management, Information Security, SDLC, Backup and others.
Solid knowledge and understanding of at least few of technology
areas across municipal technology platforms including Windows,
LINUX, Network and IT Operations, and Virtualization to assess and
test technology/info sec controls. (Must be knowledgeable in at least
few of these areas).
Data analysis skills and ability to develop scripts to gather data
required for control testing/assessment. Automate Testing procedure
where possible
Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level testing. Obtain, review, and interpret evidence provided to validate controls are performed effectively and identify vulnerabilities, gaps, or control deficiencies. Identify risks associated with control failures and supports the identification of mitigating controls.
Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations.
Ability to accurately document control testing results in sufficient details.
Similar jobs
-
New
-
New