Job Description

Job Title

VP - Technology Risk and Control Assurance

Role Summary

Role Description

Controls Testing and Assurance performs a key role for State Street as a First line of defense function by testing Information technology controls and providing independent feedback on the adequacy of controls. As a part of the Controls assurance team, one has to contribute to driving program activities related to Control identification, controls testing and Controls and Risk Mapping. To achieve this objective, one has to communicate and collaborate with controls owners and other key stakeholders globally.

We are looking for an experienced Technology Risk and Control professional to support Control Testing capabilities with best industry practices and mature our controls program. The ideal candidate will have hands-on experience with IT Risk, control testing, control validation, control assurance, project management, people management, and strong analytical skills.

As VP Technology Risk and Control Assurance you will :

• Conduct technology control testing and maintain a mature quality of test attributes, which includes both design and effectiveness test
• Effectively communicate with stakeholders including senior level Control Owners
• Individual will develop and drive process and quality assurance standards over control testing process, responses and all required criteria for successful closure
• Individual will ensure consistent execution of the control testing test life cycle and review test papers for opportunities for consolidation and normalization
• Engage key operational SMEs for testing work, identify risk and control gaps and transition open issues to appropriate stakeholders for remediation planning
• Support and improve upon the reporting capability associated with control testing
• Develop and drive consistent, transparent day-to-day, monthly, quarterly and annual reports associated with controls and corresponding activities

Core / Must have skills

Understanding of Risk Management framework

Project Management

Excellent communication skills

People Management experience

Knowledge of MS Office suite, IT frameworks such as NIST, ISO, COBIT, ITIL, similar frameworks

Good to have skills

Information Security certifications like ISO27001, CRISC, CISA etc.

Knowledge on information security domains like Incident management, change management, SDLC, BCP / DR, Access management, Security Incident Management, Security tools, etc.

Must be avid reader as candidate is expected to keep himself updated with new regulations, mandated from various regulators globally like MAS, CERT-IN, EBA