Security Controls Testing Analyst

Charlotte, NC | Work from home flexibility

Posted: 03/15/2024 Category: Information Technology Job Number: DAPEL149

Job Description

Title: Security Controls Testing Analyst

Location: Charlotte, NC (3-days onsite, 2-days remote Hybrid schedule)

Note: This role is NOT open to C2C candidates

The Security Controls Testing Analyst will test and evaluate the technology processes, applications, infrastructure, and risk management practices across. Security Controls Testing Analyst will perform testing and monitoring to evaluate control implementation design and effectiveness of technology, cyber security, and data processes, applications, and infrastructure. they will work closely with multiple stakeholders, including Technology Leaders, Enterprise Risk, Compliance, and Information Security Teams, as well as Subject Matter Experts to evaluate, report, and resolve (as needed) risk and controls, all while building and maintaining working relationships across the enterprise.

General Job Duties Include:

  • Identifying gaps in operational effectiveness and compliance with policies, standards, regulatory requirements, and industry best practices
  • Developing and presenting reports and action plans to business partners and senior management resulting from testing
  • Evaluating Technology, Cyber Security, and Data Management processes and systems for opportunities to improve compliance with internal policies/standard requirements, alignment to regulatory expectations, process improvement, and risk management
  • Designing, coordinating, and overseeing testing procedures to verify the security of systems, networks, and applications, while managing the remediation of risks
  • Identifying process improvement opportunities and developing subsequent plans of action to resolve gaps with minimal management intervention

General Job Qualifications Include:

  • 2-4 years of Quality Assurance/Quality Control experience, assessing and/or testing technology or cybersecurity, conducting audits, and/or monitoring IT risk management
  • Experience performing testing for IT/IS controls, including assessing the design and operating effectiveness of the control structure and compliance with internal policies and standards, as well as industry guidance; experience performing assessments aligned with regulatory standards
  • Knowledge and understanding of technology and cybersecurity industry frameworks and guidance (i.e. NIST, FFIEC, ISO 27001/27002, etc.)
  • A general understanding of fundamental technology and cybersecurity principles (e.g. Identity and Access Management, Vulnerability Management, Capacity Management, SDLC, Data Classifications, etc.)
  • A strong understanding of different types of IT systems (e.g. applications, servers, virtual servers, APIs, SaaS, cloud computing technology, etc.)
  • Experience documenting test results and provide support for an informed, objective opinion of the risk exposure; ability to communicate testing results, observations, and recommendations verbally and in writing
  • Ability to work effectively with peers and leaders while maintaining independence necessary to fulfill technology review and testing responsibilities; ability to escalate and report technology and operational risks concerns to higher parties, as necessary
  • Experience identifying emerging technology risks and leading dialog among stakeholders
  • Experience monitoring and driving information technology adherence to enterprise policies
  • Experience reviewing management action plans to assess the effectiveness of proposed remediation and appropriateness of the timeline
  • Proficient use of Microsoft Office products: Word, Excel, PowerPoint, and SharePoint
  • Ability to exercise judgement, make conclusions, and influence the technology risk mindset with stakeholders
  • Ability to function in a matrix organization and cross-functional team
  • Ability to interact and influence personnel at all levels across the organization, including associated to mid-level leadership
  • Strong attention to detail, critical thinking, problem-solving, and analytical skills
  • Proficient written and verbal communication skills
  • Demonstrated ability to effectively synthesize and communicate ideas and insights across the organization, including with executive leadership
  • Ability to develop and maintain strong working relationships with internal technology, risk, compliance, and audit partners
  • Ability to engage directly with the business line to understand business offerings, processes, and procedures
  • Experience in the Financial Services industry highly preferred
  • A minimum of a Bachelor’s Degree in Information Systems, Information Technology, Cybersecurity, or Computer Science

Note: This role is NOT open to C2C candidates

#ALINE11
Apply Online
Apply with LinkedIn Apply with Facebook Apply with X

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.

About Charlotte, NC

Ready to embark on a new career adventure? Explore our job opportunities in and around Charlotte, North Carolina, where the Queen City's vibrant energy meets Southern charm. Known for its dynamic job market and diverse industries, Charlotte offers endless growth possibilities for professionals seeking new opportunities. Discover the city's rich history at the Levine Museum of the New South, catch a show at the Blumenthal Performing Arts Center, or immerse yourself in nature at the stunning Freedom Park. Indulge in the region's famous barbecue joints, explore the NASCAR Hall of Fame, or cheer on the Carolina Panthers at the Bank of America Stadium. Join us in Charlotte and unlock a world of career possibilities in this bustling city with a small-town feel.