IT Control Analysts

TESTQ Technologies Limited

London

On-site

GBP 40,000 - 70,000

Full time

12 days ago

Job summary

A dynamic technology company is seeking an experienced controls testing analyst to validate IT and security controls. You will play a key role in testing and assessing controls across various domains, ensuring optimal compliance and effective risk management. This role requires documentation and communication skills, as well as solid knowledge of IT security standards and control frameworks.

Qualifications

  • Experience in controls testing in a technology environment.
  • Knowledge of COBIT, ISO27001, CISM, CISSP, ITIL.

Responsibilities

  • Plan and hold meetings with control representatives.
  • Document test results in a structured report.
  • Assess the design and effectiveness of controls.

Skills

Knowledge of key control areas
Good practical experience of controls testing delivery

Education

CISA

Job description

An experienced controls testing analyst who can perform validation testing of a prioritized set of IT and IS controls through an enquiry with a control owner/representative. The control testing analyst will arrange Microsoft Teams-based walk-through meetings with control representatives to undertake the test, asking probing questions to determine if the control activity is being performed satisfactorily and can be evidenced. The control testing analyst will:

  • Schedule walk-through meetings
  • Prompt for and read supporting process/activity documents/websites beforehand
  • Perform testing – enquiry method
  • Ask the control representative to explain the control activities, processes and operational evidence, along with supporting documentation / websites
  • Take notes and screenprints as evidence
  • Make the assessment – document the test result
  • Determine if the control is adequately designed, effectively operated (risk is managed)
  • Write up findings in a templated Word document, plus evidence (screenshots, URLs, …)
  • Update the Excel test plan tracker with results
  • Notify management and the control representative of the test outcome

Controls to be tested - The following control domains are to be tested

  • Perimeter - Secure Networks and Devices; Threat monitoring and response; Malware protection; Physical security.
  • IBS/Critical apps - Change management; Secure Development; User Access Management.
  • Resilience/Preparedness - Service Continuity & Recovery Planning; Crisis Response; Vulnerability Management; Physical operational resilience.
  • Data - Rest and Transit Protection, Loss Prevention, Access, Accuracy and Completeness, Retention and Disposal.
  • Financial Control Framework (FCF) - User Access Management (non-IBS apps); other ITGC areas covered by bullets above e.g., change management.

Fifty-five (55) prioritized key controls are to be tested in H2 2025, across scoped-in Functions and Divisions across L&G. Individual control tests will be allocated by the IT Controls Testing Team (ITCT) Manager to testing analysts. All testing will be tracked through existing governance meetings and committees. The Covered Period is from 30 June to 19-Dec.

Desired qualifications, knowledge, and skills

  • Qualifications: CISA
  • Knowledge: COBIT, ISO27001, CISM, CISSP; ITIL (mandatory)
  • Experience: Good practical experience of controls testing delivery in a relevant technology/technology risk function, including knowledge of key control areas, such as security, IT resilience, change management etc.