Overview
Skills
Job Details
Information Security Control Tester Location : Raleigh,NC Duration : 6+ Months
Job Description :
Need 7+ years as a Information Security Control Tester
Significant and multi-year work experience in the Information Technology/Information Security area or in IT Audit, preferably in the financial industry; ideally combined with experience in project management
Experience in global and diverse teams across different time zones and within a matrix environment
University degree in Computer Science/ (Commercial) Information Technology or equivalent qualification
Professional appearance and strong verbal and written communication skills and the ability to communicate on all hierarchy levels. Fluent in English is required; German language skills are of benefit
Professional/industry recognized certifications (e.g., CISA, CCSP, CISSP, OSCP) are highly beneficial to cover a broad range of Infor- mation Security areas where relationship with the business or IT is required
Strong knowledge of IS threat analysis and frameworks (e.g., MITRE ATT&CK Framework) as well as cyber security standards (e.g., NIST, OWASP, ISO27001) and knowledge of the regulatory environment in the financial sector (e.g., KAIT, BAIT, ESMA cloud guidelines)
Executes IS Control effectiveness test fieldwork in line with the agreed test approach e.g., documenting Process Flows, identification of key risks, testing of key controls to determine whether they are properly designed and are operating effectively and documenting work in accordance with standards
Communicates openly with management and the internal stakeholders; keeps them informed of potential findings and escalate prob- ,lems/delays accordingly. Further, partners with other divisions/ teams during IS Control effectiveness tests engagement to use a collaborative approach.