Control Resilience Assessor

Perform controls testing across On-Premise and Cloud environments, assessing Control Design Adequacy and Control Operating Effectiveness.

Demonstrate knowledge of audit and compliance frameworks such as Sarbanes–Oxley Act Section 404 (SOX 404), SOC 2, SSAE 18, and New York Department of Financial Services Cybersecurity Regulation (NYDFS).

Establish and maintain processes and procedures for control testing across diverse IT environments.

Conduct control walkthroughs with system owners, engineers, architects, and business stakeholders to validate control processes and requirements.

Gather audit evidence, perform testing, and document results in accordance with organizational standards.

Adapt quickly to new domains and complex assessment activities while ensuring high-quality testing execution.

Lead assigned projects independently, ensuring end-to-end ownership and timely delivery.

Support team members through knowledge sharing, guidance, and collaboration.

Identify, report, and track control gaps across on-prem and cloud environments, including ineffective or inadequate controls.

Assess risk impact and severity associated with identified control deficiencies.

Recommend improvements to control design and implementation to strengthen security and compliance posture.

Support control owners in designing, implementing, and maintaining controls and documentation.

Prepare comprehensive control testing reports including issue descriptions, evidence analysis, and recommendations.

Perform additional tasks and responsibilities assigned by management.

Stay updated with evolving information security regulations, standards, and industry best practices.