Officer - Technology Controls Testing, ETRM
Hyderabad, India
State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.Who we are
It is an exciting time to join State Street Corporation (SSC) in the Enterprise Technology Risk Management (ETRM) organization. ETRM in its capacity as Second Line of Defense (SLOD) is responsible for leadership, oversight, monitoring, and advisement around the technologies, architecture, operational processes, security, and resiliency.
Who we are looking for
Controls Testing and Assurance is a key function within SLOD to evaluate Information Technology controls to provide independent feedback on the adequacy of controls. As a representative of the ETRM group, you will be amid State Street’s multi-year technology transformation journey and regulatory requirements and responsible for providing independent risk oversight, review and challenge on technology risk controls testing and assurance program.
What you will be responsible for
As an Officer, Technology Controls Testing – ETRM, you will be responsible for:
- Execute Test of Design (TOD) and Test of Effectiveness (TOE) of IT controls, including entity and process level controls, IT general and application controls
- Document accurate and detailed work papers clearly describing the tests, the results of work performed, and conclusions reached.
- Manage testing artifacts, including meeting minutes, action items, risk, and issues logs.
- Recommend improvements (if any) in controls design through awareness of technology and information security focused regulatory requirements and best practices.
- Evaluate all control deficiencies, identify root causes.
- Collaborate with technology teams across the First Line of Defense (FLOD) for them to develop strong remediation plans; Monitor implementation for timely remediation of control weaknesses.
- Deliver assigned projects independently on time, with limited support from management.
- Assist senior team members in completing basic research and analysis of the technology controls to develop Controls Testing and Assurance Oversight Framework influencing Policies, Controls, Risk Appetite, Procedures, and Guidelines
- Develop presentations for risk committees to highlight ETRM findings and recommendations.
What we value
These skills will help you succeed in this role.
- Effective communication, analytical, and project management skills
- Ability to multitask and navigate competing priorities.
- Initiative-taker, Navigating on your own.
- Ability to effectively develop and manage relationships across core stakeholder groups.
- Must be able to work during US and India time zones with the overlap of at least 4 hours.
Primary Skills (Must Have)
- Experience of working within controls testing and assurance functions with knowledge of controls design, test procedure development.
- Knowledge of Information Technology General Controls (ITGC), Risk and Control Self-Assessment (RCSA) to evaluate application development and maintenance controls, change management controls and cybersecurity controls etc.
- Knowledge of domains under ITIL (Information Technology Infrastructure Library) Practices
- Technology Management (Software Development and Management, Infrastructure and Platform Management)
- Service Management (Availability Management, Capacity and Performance Management, Change Management, Incident Management, IT Asset Management etc.)
- A strong understanding of Technology Risk Management to influence leaders on the need to embrace risk reduction initiatives and controls.
- Excellent communication, interpersonal, presentation and intergroup skills
- Proficient in Excel, Word, Flowcharting, PowerPoint etc.
Education & Preferred Qualifications
- Graduate in Computer Engineering (preferably BE / B TECH / BCA / MCA)
- Minimum 10-12 years of experience in information technology with 5-8 years of relevant experience in controls testing and assurance function.
- Experience with Risk Management and Technology Audits
- Strong project management abilities, critical thinking, problem solving, and decision-making skills.
- Experience with Microsoft Tools/Data Analytics/Dashboards is a plus.
- Information Security certifications like ISO27001, CRISC, CISA, CISM, CISSP etc.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits CISA CISM CISSP CRISC Data Analytics ISO 27001 ITIL Monitoring Risk management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Product Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open Threat intelligence-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs