Job Description

We are seeking a resourceful and forward-thinking Senior IT Compliance Analyst who will perform testing of defined security and IT general computing controls across relevant applications, infrastructure and processes to verify that controls are sufficiently well crafted and operating efficiently to keep the risks that they mitigate within the company's tolerance level. You are collaborative, believe in teamwork and are comfortable in a fast-paced environment.

What you'll do

• Delivery of controls testing activity as required, and support in the delivery of testing activity by other colleagues within the team including:
• Development of test plans aligned with the IT and Business Protection Standards required controls and testing requirements
• Perform walkthrough and sample-based testing (as needed)
• Conclude on the design adequacy and the operating efficiency of the controls
• Detail the assessment package (write-up and supporting evidence)

• Reporting on the status of controls testing activity and on issues arising from this testing to colleagues at all levels.
• Identify potential risks and issues and, where required, collaborate closely with Operational and Risk colleagues to formally raise these.
• Support the remediation of control issues by providing input to appropriate partners in the development of actions.
• Develop and maintain effective relationships with senior internal and external partners to ensure that IT risks are managed in line with risk appetite, strategy and objectives
• Aid the development and continuous improvement of the information security mandatory controls framework and controls testing methodology.
• Independently and optimally manage own workload and time, including maintenance/measuring of personal development plans and objectives.
• Provide support, guidance and mentoring to junior peers and new recruits on technical aspects of testing. Be positively and actively engaged in the work of the function.
• Perform review of third-party audit reports (SOC1).
• Perform peer reviews on IT/BPS controls walkthrough, testing and documentation (Canada) to ensure quality levels are maintained and best practices are shared.
• Coordinate mid-year and year end IT audit activities with external auditors.
• Support the cultural change to fully embed Risk and Control ownership within IT

What you'll bring:

Crucial Skills and Knowledge

• A broad knowledge of IT systems, security and/or day to day IT Operations.
• Solid understanding of security and IT general computing controls.
• 3+ years control testing experience in an IT environment or IT audit experience.
• Strong analytical and writing skills.
• Ability to plan, analyze data, and support conclusions.
• A dedication to personal development and a desire to learn.
• The ability to work actively and effectively as part of a distributed team to deliver results.
• Superb communication and collaboration skills.

Desirable Knowledge and Qualifications

• A degree in a technology related subject and/or relevant organizational and subject matter expertise (COBIT, COSO, ITIL).
• Relevant industry qualification (e.g. CISA, CIA, CISSP, Certified Ethical Hacker).
• Knowledge of the following: Windows Technologies, Unix, Linux, Oracle, Cloud Computing (AWS, Azure), Cryptography and System Architecture.

Demand For HR is an equal opportunity Recruiting Firm. We do not discriminate against gender, race, persons with disabilities or ethnical background. We thank all applicants for your interest in the roles Demand For HR is recruiting for.