Risk and Control Testing

Required Qualifications

• Education:

◦ Bachelor's degree in finance, Business, Information Systems, IT, or related field

• Experience:

◦ Controls testing, risk oversight, audit, or validation experience

◦ Banking or financial services experience preferred

E. Domain Knowledge

• Working knowledge across:

◦ Regulatory compliance frameworks and controls

◦ SOX and regulatory reporting requirements

◦ ITGC domains (access, change, operations, SDLC)

◦ Information security practices (NIST, cyber frameworks)

◦ Risk and control frameworks (COSO, Three Lines of Defense)

F. Tools & Skills

• GRC tools: Archer, MetricStream, ServiceNow GRC

• Strong SOX and ITGRC fundamentals

• Strong Excel skills for sampling and analysis

• Ability to produce audit-defensible documentation

• Strong stakeholder communication and presentation skills

G. Personality Traits

• Ability to challenge and validate controls with strong evidence

• High-quality, review-ready and audit-ready documentation

• Identification of systemic and thematic control issues (not just isolated gaps)

• Effective engagement with stakeholders and auditors

• Strong adherence to independence and governance standards

Work Model

• Work from Office

• Shift aligned to US Pacific Time (late evening IST start)

• Delivery-driven, audit-intensive environment