As a Tech Controls Associate in the Infrastructure Platform Group, you will contribute to the successful management of technology-aligned aspects of Governance, Resiliency and Compliance in line with the firm's standards. Leverage your broad knowledge in IT control management principles and practices to assess and monitor the effectiveness of implemented controls. Your role in control assessment, is crucial in advising on complex situations to comply with regulatory obligations and industry standards.
Infrastructure Platforms (IP) International Services is a horizonal service organization. We leverage the scale and expertise of the product organization to deliver IP global products at a local level, linking requirements and understanding regulations to ensure IP products are delivered to meet customer needs. We align with the international CIO organization within each region and with direct linkage to global IP Platforms & Services.
Job responsibilities
- Following up to recorded technology-related issues, ensuring right execution in compliance with firm, regulatory, and industry standards, while collaborating with internal and external stakeholders
- Contributing to the development and implementation of IT controls and monitor execution
- Documenting issues, procedures, and root cause analysis.
- Support implementation of effective controls in collaboration with cross-functional teams and stakeholders
- Evaluate and test the effectiveness of existing controls, thru baselines defined by the firm identifying gaps if they exist
- Assess the health of the control environment, utilizing dashboards and other relevant metrics, tools
- Assist in the management of projects related to risk and control initiatives, ensuring timely completion and alignment with the firm's management objectives
- Participate in additional key control projects related to enhancement of the Compliance and other assessment programs.
- Support internal education and best practices sharing with peers and colleagues, as well as information security education & awareness, as needed.
- Ensure key risks impacting controls audits are addressed prior to initiation of audits and quality standards are achieved in development and maintenance of program documentation
- Examine results of internal / external audits for potential cross-impacts on other programs
Required qualifications, capabilities, and skills
- 5+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation and Demonstrated knowledge of control evaluation methods, and regulatory requirements
- Ability to work in large, collaborative teams to achieve organizational goals, with a passion to build an inclusive and innovative culture
- Basic knowledge of industry-wide technology trends and best practices, data security, privacy standards, and data system comp. Basic understanding of security protocols, cryptography, authentication, authorization, and security
- Familiarity with applications or infrastructure in a large-scale technology environment on-premises or in internal or public cloud
- Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards
- Fluent in English, including writing skills.
- Have a strong background in Auditing (specially regulatory ones) and understanding of internal controls
- Strong Excel and PowerPoint skills
Preferred qualifications, capabilities, and skills
- Strong verbal and written communication skills; ability to present information clearly and in a way that is appropriate to the audience
- Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders
- Proficient knowledge of risk management frameworks, regulations, and industry best practices
- Experience in assessment and control testing.
- Delivery focused with a track record of execution
- Ability to simultaneously execute on multiple on-going assessments across different groups of stakeholders
- Ability to initiate meetings, problem solving to identify solutions to issues and deliver quality results in a deadline-driven environment