Controls Testing Manager

Summary:

Controls Resiliency Manager is responsible to lead and deliver IT controls assurance activities with proven extensive knowledge in IT Audit, IT General Controls Assurance, SOX 404, IT Attestation (SSAE18 / SOC), audit analytics, Cloud Security, CCPA, ISO 27001, etc. to support the Global Head of Technology and Cyber Risk Management & Regulatory Engagements

Responsibilities:

Line Management (50%)

• Line management of the Control Resiliency team in Mumbai and providing effective support to the Global ICS team.
• Supporting recruitment, management and development of people through supervising, mentoring and coaching  team members.
• Continuous learning and development of team members through different trainings.

Business As Usual (50%)

• Developing and managing a Control Resiliency service to include
  • Driving Assurance activities & projects
  • Review of control design
  • Testing of control effectiveness
  • Advice and guidance to control owners and project teams
  • Guidance in developing RCM (Risk & Control Matrix)
• Establishing and operating processes and procedures to manage workload
• Planning, communicating, coordinating and delivering assurance services
• Reporting and tracking control gaps as well as ineffective or inadequate controls
• Coordination and tracking remediation activities being performed by technology control owners
• Producing regular MI reports to the Senior Management 
• Taking initiatives and contributing to improvement of the Global Compliance & Controls activities
• Identify opportunities and recommendation to improve the design and implementation of technology controls
• Support control owners in the design and maintenance of controls and documentation
• Undertaking such other tasks and responsibilities as assigned by the Global Functional Director
• Keep yourself up-to date with latest IS related regulation and standards
   

Requirements:

• Qualified to degree level, preferably in a business, IT or security related subject. 
• 8+ years of experience in Technology Risk & Controls
• Must be interested in developing skills and knowledge of IT Risk Management, and willing to work towards appropriate professional qualifications, such as CISA, CISM, CISSP, CCSP
• Whilst this is not a hands-on technical role, the role holder will be expected to demonstrate a strong awareness of technology and how IT is used to enable business processes
• Should have undergone formal training in security, risk management or compliance (good to have)