Technology Control Testing Lead

Opening

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talented team.

Responsibilities:

• Design and maintain a robust technology control testing framework aligned with risk management standards (e.g., NIST, ISO 27001, COBIT, ITIL).
• Develop and update testing methodologies, ensuring they address key risks related to IT infrastructure, cybersecurity, cloud services, and software development.
• Establish and maintain control testing policies and procedures that align with regulatory and internal governance requirements.
• Ensure the control testing framework integrates seamlessly with the broader Operational Risk Management Framework (ORMF).
• Maintain a comprehensive control library, mapping controls to risks and business objectives.
• Plan and execute detailed control testing activities across IT operations, systems, and processes, including:
  - Cybersecurity controls (e.g., firewalls, encryption, access management).
  - Cloud computing controls (e.g., AWS, Azure, Google Cloud).
  - Data protection controls (e.g., GDPR compliance, data backups).
  - Incident management processes and disaster recovery testing.
• Test both the design and operating effectiveness of IT controls.
• Prioritize control testing activities based on risk assessments, focusing on high-risk areas such as payment systems, customer data protection, and regulatory reporting.
• Document and communicate control deficiencies to relevant stakeholders.
• Work with technology teams to develop, track, and implement remediation plans to address identified control gaps.
• Perform follow-up testing to validate the resolution of issues and confirm effectiveness.
• Assess IT controls of third-party vendors and service providers, ensuring compliance with contractual and regulatory obligations.
• Support vendor risk management activities by evaluating third-party cybersecurity and IT governance controls.
• Document findings and control weaknesses, ensuring they are communicated clearly to relevant stakeholders.
• Work with control owners and process teams to develop and track remediation plans for identified deficiencies, ensuring timely resolution.
• Conduct follow-up testing to validate the implementation and effectiveness of corrective actions.
• Collaborate with risk teams to ensure control testing aligns with the organization’s risk assessment and regulatory requirements.
• Present findings and recommendations to senior leadership, providing actionable insights to improve the control environment.
• Support regulatory audits and examinations by providing control testing documentation and responding to inquiries.
• Ensure the organization is prepared for external reviews of its control environment.

Requirements:

• 5-7 years of experience in technology risk management, IT audit, or control testing within a regulated FinTech or financial services environment.
• Strong background in assessing IT and cybersecurity controls, including experience with cloud environments, DevSecOps practices, and digital payment platforms.
• Proven ability to perform tests of controls (design and operating effectiveness).
• Strong understanding of operational processes, risk frameworks, and regulatory requirements.
• Proficiency in using governance, risk, and compliance (GRC) tools and control testing platforms.
• Familiarity with IT control frameworks such as NIST Cybersecurity Framework, ISO 27001, and COBIT.
• Proficiency with GRC platforms and testing tools (e.g., RSA Archer, ServiceNow, or LogicGate).
• Advanced knowledge of data analysis tools (e.g., Excel, SQL) and reporting tools (e.g., Tableau, Power BI).
• Strong understanding of cloud security, data protection technologies, and cybersecurity protocols.
• Experience in managing regulatory audits.
• Ability to work collaboratively with regional and global partners in other functional units; ability to navigate a complex organization; to influence and lead people across cultures at a senior level.
• Excellent problem-solving skills, inquisitive nature, and comfort challenging current practices.
• Proven track record of taking ideas forward without supervision and challenging others, where appropriate.
• Adept at developing relationships with senior business executives with a reputation for partnering across organization lines to mitigate risks.
• Highly disciplined, able to work with limited supervision and make independent decisions.
• Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results.
• High level of professionalism, self-motivation, and sense of urgency.
• Bachelor’s degree in Computer Science, Information Technology, Risk Management, or a related field.
• Advanced degree (e.g., MS in Cybersecurity, MBA) is a plus.

What you will get in return:

• Competitive Salary: We believe great work deserves great pay! Your skills and talents will be rewarded with a salary that makes you feel valued and motivated.
• Work-Life Harmony: Join a company that genuinely cares about you—because your life outside of work matters just as much as your time on the clock.
• Annual Performance Bonus: Your hard work doesn’t go unnoticed! Celebrate your achievements with a well-deserved annual bonus tied to your performance.
• Generous Time Off: Need a breather? Our annual leave policy lets you recharge and enjoy life outside of work without a worry.
• Employee Referral Program: Love working here? Share the love! Bring your talented friends on board and get rewarded for growing our awesome team.
• Comprehensive Health & Pension Benefits: From medical insurance to pension plans, we’ve got your back. Plus, location-specific benefits and perks!
• Workation Wonderland: Live your digital nomad dreams with 30 extra days to work remotely from anywhere in the world (some restrictions apply). Adventure awaits!
• Volunteer Days: Make a difference! Take two additional paid days each year to support causes you care about and give back to the community.

Closing

Be a key player at the forefront of the digital assets movement, propelling your career to new heights! Join a dynamic and rapidly expanding company that values and rewards talent, initiative, and creativity. Work alongside one of the most brilliant teams in the industry.