Director IT Controls Testing SME

Overview

On Site
$70 - $90
Contract - W2
Contract - Independent
Contract - 6 Month(s)

Skills

FFIEC
NIST
COBIT
SOX
GLBA
1LOD or 2LOD
FRB
OCC
OSFI
COSO
NIST 800-53
risk management
technology audit
controls testing

Job Details

Primary Skills
IT controls Testing
Job Description
IT Controls Testing SME/TOE/1LOB - Mayfair Capital - Hybrid/ Toronto, ON or NYC - 1-2 years+

THIS WILL BE A PLACEMENT THIS WEEK.

*** We need: Very senior/Director-level IT Controls Testing SME in banking. The candidate will be responsible for viewing the current controls and road-mapping a plan to increase scalability and optimize the system. The candidate will provide subject matter expertise (SME) in the execution of manual controls testing, including both control design (TOD) and effectiveness (TOE) assessments, and support the execution and continuous improvement of IT risk and controls assurance activities within the 1st Line of Defense (1LOD). The candidate will partner with the IT Controls Testing Lead to interface with key regulators including FRB, OCC, and OSFI, providing documentation, evidence, and audit trail explanations as needed. ** Candidates must have long projects/good tenure, excellent communication skills and a state-issued ID (not bills) showing they are local.

Required Location: Hybrid/ NYC 3 days a week.

Interview Required: Video

Candidate Visas Accepted: No OPT/H1B

Candidates must be LOCAL to NYC area and COMMUTE into the office THREE TIMES A WEEK. NO RELOCATION CONSIDERED.

*** Please make sure that each submittal includes:

  1. Driver's license or State ID
  2. Link to the candidate's LinkedIn account.
  3. Below submittal Format

*** Candidate Must Haves on a resume and for submittal:

1. How many years working with: IT Banking Controls Testing SME

2. How many years working with: TOE/TOD

3. How many years working with: 1LOB or 2LOB

4. How many years working with:

5. How many years working with: BANKING /FINANCIAL SERVICES OR CAPITAL MARKETS ARE A MUST.

*** Please provide all the below Submittal Format details with each submittal. It is required for the client Management system.

  • Full Name:
  • Rate:
  • Location:
  • Availability to Interview: One day's notice
  • Availability to Start:
  • Email Address:
  • Phone Number:
  • Visa Status:
  • Education - College/Year of graduation:
  • Link to LinkedIn?
  • Certifications (Please list)?

Job Description:

We are seeking a seasoned Director-level IT Controls Testing Subject Matter Expert (SME) to support and enhance a maturing IT Controls Testing function embedded within the 1st Line of Defense (1B). This function, part of the Enterprise IT Risk organization based in Toronto, plays a critical role in assessing the design (TOD) and operating effectiveness (TOE) of IT controls to ensure alignment with internal standards and regulatory expectations. While the team's governance roots are in Toronto, the role works day-to-day with the US CIO office and maintains active engagement with global IT risk stakeholders.

Key Responsibilities:

  • Lead the enhancement and redesign of the IT controls testing methodology and framework, aligning with industry standards and regulatory expectations.
  • Provide subject matter expertise (SME) in the execution of manual controls testing, including both control design (TOD) and effectiveness (TOE) assessments.
  • Partner with the IT Controls Testing Lead to interface with key regulators including FRB, OCC, and OSFI, providing documentation, evidence, and audit trail explanations as needed.
  • Support the execution and continuous improvement of IT risk and controls assurance activities within the 1st Line of Defense (1LOD).
  • Advise on best practices for IT controls testing across complex banking and enterprise technology environments.
  • Build relationships and collaborate closely with key stakeholders, including CIO office teams, Enterprise IT Risk, Compliance, Audit, and second line (2LOD) functions.
  • Contribute to the development of enterprise-wide IT risk reporting and metrics to support executive-level decision-making.
  • Mentor junior testers and control owners, fostering a culture of control awareness and risk accountability.

Required Qualifications:

  • 10+ years of experience in IT risk management, technology audit, or controls testing, with at least 3+ years in a leadership role.
  • Deep knowledge of IT general controls (ITGCs), control design and testing principles, and financial services regulatory frameworks (e.g., FFIEC, NIST, COBIT, SOX, GLBA).
  • Demonstrated experience standing up or significantly enhancing an IT Controls Testing function (1LOD or 2LOD).
  • Hands-on experience working with or responding to banking regulators (FRB, OCC, OSFI) in a testing or assurance capacity.
  • Strong understanding of control frameworks (e.g., COSO, NIST 800-53) and relevant technologies (e.g., infrastructure, applications, cybersecurity, cloud).
  • Excellent written and verbal communication skills, including the ability to create and deliver executive-level documentation and presentations.

Preferred Qualifications:

  • Experience working in or with large US-based financial institutions.
  • Professional certifications such as CISA, CRISC, CISSP, or CIA.
  • Familiarity with tools for IT control testing, GRC platforms, and issue tracking.