Risk Management Expert

Independent Testing Professional

As an Independent Testing Professional, you will be responsible for participating in the development and design of methodologies and standards for review activities companywide.

• Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework.
• Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing.
• Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution.
• Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment.
• Collaborate and consult with colleagues, internal partners, and management.

2+ years of experience in risk management or equivalent demonstrated through one or a combination of work experience, training, military experience, or education.

• University degree in Business or related discipline.
• 2+ years of relevant experience in risk management, Technology Audit, Risk and Control Testing.
• Knowledge and understanding of financial services industry: compliance, risk management, or audit operations.
• Expert knowledge levels and understanding of Technology controls.
• Good understanding of Technology domain and Infrastructure.
• Experience in reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, initiatives, products, and internal controls; and identifying issues resulting from internal and/or external compliance examinations.
• Experience in testing policy, procedures, control, and business process testing.
• Experience in creating, executing, and documenting compliance, control, and business process testing.
• Intermediate Microsoft Office (Word, Excel, Outlook, and PowerPoint).
• Ability to take on a high level of responsibility, initiative, and accountability.
• Minimum 2+ years at Big Four/super regional public accounting firm with experience in Technology testing, regulatory, and/or business process, advisory/consulting service.
• Experience supporting SOX/SOC, Regulatory Exams (Domestic and Intl), Audits, or other technology control related assessments.
• Strong critical thinking skills with ability to credibly challenge status quo.
• Strong organization and prioritization skills.
• Strong relationship management skills: ability to negotiate difficult positions without harming relationships.
• Strong team player and ability to work with minimum guidance.

• Completes review/testing activities on an accelerated schedule, raising schedule delays as needed while looking for opportunities to remediate schedule issues.
• Providing meaningful operational and compliance risks assessments of business processes.
• Strong analytical skills.
• Supporting efforts to effectively challenge risks in processes and evaluate and/or test controls designed to mitigate those risks.
• Executing substantive and/or control testing with moderate supervision.
• Executing the test of design and operating effectiveness for RCSA (Risk & Compliance Self-Assessment) controls.
• Completes all testing and documentation under limited supervision and appropriately retains all work papers (testing schedule, templates, work-papers, deferrals, deviations, etc.).
• Providing consultation and subject matter expertise for process related matters including evaluating severity of control deficiencies and related remediation efforts.
• Documenting test results and any issues identified while also providing recommendations to management.
• Providing Credible Challenge to the First Line Units as needed.
• Acting as a change agent for continual improvement of the control environment.

Desirable qualifications include but are not limited to: Chartered Accountant, Certified Management Accounting, Certified Public Accountant (CPA), Certified Internal Auditor (CIA), MBA Finance/PGDBA, Certified Regulatory Compliance Manager (CRCM), Cybersecurity and Infrastructure Security Agency (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information System Control (CRISC), and Information Security Management Systems (ISMS)