Review and evaluate internal controls to ensure they are designed effectively to address regulatory requirements, including SOC 2, PCI DSS, ISO 27001, 27002, NIST.
Develop and execute risk-based testing plans to assess the effectiveness of controls and compliance with regulatory standards.
Identify potential control deficiencies and gaps in the control framework and recommend remediation measures.
Maintain accurate documentation of control assessments, testing results, and compliance evidence.
Prepare comprehensive reports on control assessments and testing outcomes for senior management and regulatory bodies as required.
Collaborate with cross-functional teams, including IT, legal, cybersecurity, and audit teams, to ensure a coordinated approach to control assessments and compliance.
YOUR PROFILE
Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Engineering Technology or a related field; Master's degree or professional certification (e.g., CIA, CISA, CISM, CRISC, CISSP, CIPT, CEH) is preferred.
5+ years of experience in auditing, security technician, or internal control assessments and testing, preferably in a regulated environment, public accounting firm, or similar software provider.
Strong knowledge of regulatory frameworks and standards, including SOC 2, PCI DSS, ISO 27001, 27002, NIST.
Familiarity with control design principles and best practices.
Proficiency in control testing methodologies and tools.
Excellent analytical and problem-solving skills, with attention to detail.
Strong communication and interpersonal skills to collaborate effectively with stakeholders.
Ability to work independently and manage multiple projects simultaneously.
Adaptability to a dynamic and fast-paced environment.
Desire to work as part of a global team to achieve objectives.