Overview
On Site
Contract - W2
Contract - Independent
Skills
Reporting
Agile
Leadership
Testing
ERM
Auditing
Risk Assessment
Finance
ISO 9000
FFIEC
Gramm-Leach-Bliley Act
Cyber Security
ISO/IEC 27001:2005
SANS
PCI DSS
Organizational Skills
Research
Analytical Skill
Conflict Resolution
Problem Solving
Communication
Technical Writing
Information Systems
Military
CISSP
CISA
Cisco Certifications
ISACA
Information Security
Staff Management
Job Details
Controls Testing Analyst
Location: REMOTE
Pay Rate: Open to Both C2C and W2 options
Position Type: Multiyear Contract
Basic Purpose:
The Analyst will serve in an Asset Based Testing role that will help plan, scope, execute, and report testing of IT and Information Security controls. The Analyst will be responsible for all phases of the assessment and communications with business partners and other stakeholders. They will work in an Agile environment.
Responsibilities:
Planning & Scoping of Asset Based Assessments to include development of communications, risk & control matrices, scope documents and other supporting information
Perform walk-throughs with business partners identifying actual versus expected controls
Create test strategies to test actual controls
Document all work performed to meet the IIA reperformance standard
Document issues and final reports
Present to leadership results of assessments
Qualifications:
Experience in control testing to include experience in some of the three lines of defense (Audit, ERM, First Line areas)
Experience in audit and information security risk assessments
Knowledge of applicable federal and state laws, rules and regulations (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
Knowledge of NCUA, FFIEC, GLBA, NIST (including the Cyber Security Framework and 800 Series), ISO 27001/27002, SANS/CIS 20, PCI DSS, and other Information Security requirements and frameworks
Experience in working with all levels of staff, management, stakeholders, and third parties
Effective planning and organizational skills
Effective research, analytical and problem solving skills
Strong verbal, written and interpersonal communication skills, including technical writing
Bachelor Degree in business, information systems or related field or equivalent work/military experience
CISSP, CISA, CCSP, CRISC or other Information Security certifications
Ability to present findings and conclusions clearly and concisely
Experience in working with all levels of staff, management, stakeholders, and third parties
Ability to build effective relationships through rapport, trust, diplomacy, and tact
Strong word processing and spreadsheet software skills
Ref: #850-Rockville (ALTA IT)
Location: REMOTE
Pay Rate: Open to Both C2C and W2 options
Position Type: Multiyear Contract
Basic Purpose:
The Analyst will serve in an Asset Based Testing role that will help plan, scope, execute, and report testing of IT and Information Security controls. The Analyst will be responsible for all phases of the assessment and communications with business partners and other stakeholders. They will work in an Agile environment.
Responsibilities:
Planning & Scoping of Asset Based Assessments to include development of communications, risk & control matrices, scope documents and other supporting information
Perform walk-throughs with business partners identifying actual versus expected controls
Create test strategies to test actual controls
Document all work performed to meet the IIA reperformance standard
Document issues and final reports
Present to leadership results of assessments
Qualifications:
Experience in control testing to include experience in some of the three lines of defense (Audit, ERM, First Line areas)
Experience in audit and information security risk assessments
Knowledge of applicable federal and state laws, rules and regulations (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
Knowledge of NCUA, FFIEC, GLBA, NIST (including the Cyber Security Framework and 800 Series), ISO 27001/27002, SANS/CIS 20, PCI DSS, and other Information Security requirements and frameworks
Experience in working with all levels of staff, management, stakeholders, and third parties
Effective planning and organizational skills
Effective research, analytical and problem solving skills
Strong verbal, written and interpersonal communication skills, including technical writing
Bachelor Degree in business, information systems or related field or equivalent work/military experience
CISSP, CISA, CCSP, CRISC or other Information Security certifications
Ability to present findings and conclusions clearly and concisely
Experience in working with all levels of staff, management, stakeholders, and third parties
Ability to build effective relationships through rapport, trust, diplomacy, and tact
Strong word processing and spreadsheet software skills
Ref: #850-Rockville (ALTA IT)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.