Lead Security Control Assessor
Lead Security Control Assessor
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
As a lead member of the Control Assurance team reporting to the Information Security Control Assurance Testing Manager you will conduct independent comprehensive assessments of the management operational and technical security controls employed within processes or IT systems to determine the effectiveness of those controls.
You will ensure the quality and security of our cloudbased and onpremise applications through testing automation and collaboration with crossfunctional teams. You will work in an Agile environment and use JIRA and Kanban boards to manage tasks.
Responsibilities
- Design and deliver repeatable testing methodologies to support control assurance testing including automated testing frameworks for cloud environments.
- Ensure control tests are wellplanned including risk identification sampling selection of controls testing methods and reporting criteria.
- Lead control testing teams to perform design and operating effectiveness testing of information security controls including fieldwork testing and reporting activities.
- Provide quality assurance for control testing documentation produced during testing ensuring accurate completion of all required control testing documentation.
- Identify and document control deficiencies including root causes risk descriptions issue ratings and recommendations for improvement.
- Create and present reports of control testing findings to partners socializing any findings.
- Be the primary contact with partners for the controls tests you lead ensuring the quality of control testing engagements and stakeholder communications including regular status updates.
- Contribute to the efficiency of the control testing program by ensuring indicators are measurable that testing materials are standardized and stakeholder feedback is captured to facilitate improvement.
- Identify test cases for control activities and develop automated testing scripts to enhance the testing process.
- Ability to determine the protection needs of information systems processes and networks.
Qualifications :
- 8 years of experience working in Control Assurance or Risk environments.
- Experience creating queries and reports using RSA Archer and ServiceNow.
- Knowledge of security tools such as Sailpoint Rapid7 Wiz.io and MS Defender
- Knowledge of governance risk and controls principles.
- Familiarity with cloud concepts and technologies AWS and Azure
- Experience using generative AI such as Chat GPT to create test strategies reports and communications.
- Familiarity with Kanban boards and Jira.
- Familiarity with cybersecurity controls and security control frameworks such as ISO 27001 NIST PCI and HIPAA.
- Understanding of current industry methods for evaluating controls particularly in cloud environments.
- Experience preparing plans and related correspondence.
- Experience with control activities identifying and writing/communicating findings and performing root cause analysis.
- Proficient in preparing and presenting briefings.
- Strong relationship management skills demonstrating commitment to delivering quality results.
- Experience utilizing feedback to improve processes and engagements.
- Experience identifying systemic issues from analyzing testing data.
- Competent in answering questions clearly and concisely as well as asking clarifying questions.
- Capable of communicating complex information both verbally and in writing.
- Ability to facilitate small group meetings and collect verify validate and analyze test data.
- Experience translating data and test results into evaluative conclusions.
- Judicious in decisionmaking when controls are not well defined.
- Proficiency in both automated and manual testing of information security controls.
Additional Information :
This is a permanent homebased role in Costa Rica. No relocation available.
Our benefits include: Medical life and dental insurance Asociacion Solidarista International Share Save Plan Flex Work/Work from home Paid time off Annual Performance Bonus Education Reimbursement Family Bonding Bereavement Leave Referral Program and more.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their gender ethnicity religion colour sexuality physical ability or age. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.
#LIRemote
Remote Work :
Yes
Employment Type :
Fulltime
Employment Type
Remote
