Assessments & Exercises Senior Associate | SOC 1/2 Assessments

The Cyber security and Technology Controls Adoption Readiness Assessment team manages planning and execution of technology platform assessments as well as ensure readiness and remediation across all applicable technology platforms at the bank.

As an Assessments & Exercises Senior Associate within the Cyber and Tech Controls line of business, you will help enhance the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology.

Collaborate with the team to design and execute risk-driven tests and simulations.

Evaluate preventative controls, incident response processes, and detection capabilities.

Your ability to make informed decisions and foster continuous improvement will allow you to contribute to the achievement of the team's operational goals and the mitigation of cyber and resiliency risks.

Job Responsibilities:


* Assess and perform IT general control and application control testing; facilitate identification of findings, relevant compensating controls, remediation, validation, and closure of findings within defined timeframes


* Execute on multiple controls adoption readiness assessments performed by various members of the team


* Evaluate the functionality of existing and new technology platforms to drive adherence to control standards


* Track and communicate overall progress of various program, ensuring complete and timely reporting on program status to senior management stakeholders


* Ensure key risks impacting controls audits are addressed prior to initiation of audits


* Work with internal and external stakeholders to understand and document various current-state control processes and process flows


* Examine results of internal / external audits for potential cross-impacts on other programs


* Ensure quality standards are achieved in development and maintenance of program documentation

Required Qualifications, Capabilities, and Skills :


* Formal training or certification on audit functions or 2+ years of IT controls experience as a practitioner / lead with a "Big Four" or top IT consulting firm.


* Knowledge of information technology and auditing of IT general controls (SOx / SOC 1 / SOC 2)


* Ability to simultaneously execute on multiple on-going assessments across different groups of stakeholders


* Ability to initiate meetings, problem solving to identify solutions to issues and deliver quality results in a deadline-driven environment


* High energy and a passion for the delivery of high-quality project outcomes


* Highly motivated, self-starter that can work autonomously and can independently take initiative to learn new technologies using various resources


* Results oriented, strong sense of ownership, detail oriented, quality-focused


* Ability to work effectively in a global team environment and drive results in a matri...