Senior Analyst - IT Controls Testing

Job description :

Do you have experience as an IT Auditor? This role is very similar to an IT Auditor; however, you would be directly supporting our business partners in the first line of defense.

Central Testing Utility (CTU) is a centre of excellence dedicated to conducts testing activities and proactively identifying risk on behalf of Technology & Operations (T&O) within the 1st Line of Defense.

It provides the opportunity for the successful candidate to join a close-knit team of experts from diverse fields and disciplines.

Our utility model will offer individuals the opportunity to gain experience, knowledge, and insights to functions across functions such as Technology, FCU (Information Security / Cyber Security, Fraud, Physical Security) and Product Operations.

The T&O CTU is looking for energized individuals by working in a highly collaborative setting where diversity of thought and expertise is valued.

The Technology team performs the controls testing (Design and Operating Effectiveness) over the Information Technology domains and their processes across the Bank, such as Governance, Security, Service Delivery, Service Support, Applications & Infrastructure Development.

• Executes assigned technology controls testing using general methodology in accordance with established procedures to perform, analyze, document and report results of all assigned engagements.
• Creates and maintains high-quality testing documentation, such as test plans, workpapers, evidence, etc. to support the results of the testing, including the write-up of findings / issues for reporting.
• Analyzes root causes of issues discovered in testing in order to provide effective communication of issues to appropriate parties.
• Builds, develops and maintains effective relationships with internal business partners / stakeholders for the purposes of enhancing team effectiveness.
• Takes personal accountability for decisions and actions
• May work on ad-hoc projects from time-to-time in support of CTU goals

You will have :

• Solid understanding of technology and business processes, risks, and controls and associated controls frameworks & best practices ( COBIT, ITIL, COSO, PCI DSS, ISO 27001, 31000)
• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy on application, IT SOX, ITGC, IT Governance, PM / Program and SDLC controls.
• Ability to effectively communicate and explain verbally and in writing, the results of IT controls testing activities including findings / issues identified
• Ability to self-regulate, and manage time independently to meet engagement expectations as set out at the time of engagement planning
• Ability to execute work activities and produce high quality deliverables including working papers, report, status updates, etc
• Strong problem solving skills required
• Ability to work independently and multi-task in a fast-paced environment
• Excellent judgment, logic and reasoning
• Relevant four-year University degree / college diploma or equivalent work experience in IT or CISA / CISM / CDPSE / CISSP /
• 3-5 years of IT controls testing experience preferably relating to IT SOX, Business & Risk Applications, IT General, PM / Program and SDLC controls
• Banking and / or financial services industry experience a plus

Liaises with stakeholders to understand problems and opportunities and, recommends solutions to enable the achievement of organizational goals.

Builds exceptional relationships with business partners and internal stakeholders. Analyzes data and creates documents and plans in service of informing, advising, or updating stakeholders.

Ensures the requirements map to a real business need, are approved by all relevant stakeholders, and meet essential quality standards.

Participates in reviews or inspections, in collaboration with the project team, to ensure the quality of work products.

• Understands and can explain to others the core processes, risks & mitigation techniques for designated areas.
• Anticipates and reduces complexity for others.
• Conducts independent analysis and assessment to resolve strategic issues.
• Monitors and tracks performance, and addresses any issues.
• Builds change management plans of varying scope and type; leads or participates in a variety of change management activities including readiness assessments, planning, stakeholder management, execution, evaluation and sustainment of initiatives.
• Assists in the preparation of end-user materials.
• Plans and conducts third-party software analysis as needed for inclusion in the project solution.
• Gathers requirements and documents these requirements for use in various audits, reports, & projects.
• Participates in the creation of use cases and user expected results to ensure that software is delivered to end users with zero Severity 1 or Severity 2 defects.
• Works with project stakeholders to validate their requirements and analysis models via techniques such as reviews and walkthroughs.
• Ensures system specifications meet expectations / requirements, and negotiates solutions.
• Creates documentation to ensure the supportability of analyses.
• Maintains existing requirements to ensure that current-state needs are known.
• Develops and implements data collection systems and other strategies that optimize statistical efficiency and data quality.
• Identifies, analyzes, and interprets trends or patterns in complex data sets.
• Filters and cleans data, and reviews computer reports, printouts and performance indicators to locate and correct code problems.
• Remains alert to new techniques for insights, analytics, and data visualization, and devises new ways of applying them.
• Interprets data, analyzes results using statistical techniques and provide ongoing reports.
• Recommends approaches to streamline and integrate technological processes in the organization to improve overall efficiency.
• Facilitates discussions and follows a structured approach to plan, elicit, analyze, document, communicate and manage requirements with stakeholders.
• Provides analytical support and insights.
• Identifies opportunities to strengthen business analysis capability, such as : sharing expertise to promote technical development, mentoring employees, building communities of practice and networks across the bank.
• Stays abreast of industry technical and business trends through participation in professional associations, practice communities & individual learning.
• Focus is primarily on business / group within the bank; may have broader, enterprise-wide focus.
• Exercises judgment to identify, diagnose, and solve problems within given rules.
• Works independently on a range of complex tasks, which may include unique situations.
• Broader work or accountabilities may be assigned as needed.

Qualifications :

• Typically between 4 - 6 years of relevant experience and post-secondary degree in related field of study or an equivalent combination of education and experience.
• Possesses analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
• Demonstrates applied knowledge of one or more analysis and problem decomposition technique.
• Understands complete Software Development Life Cycle and can apply the applicable portions of the Feasibility,’ Requirements, and Analysis’ phases.
• Demonstrates writing and documentation skills.
• Understands and can explain to others the core processes involved in their area of support.
• Technical proficiency gained through education and / or business experience.
• Verbal & written communication skills - In-depth.
• Collaboration & team skills - In-depth.
• Analytical and problem solving skills - In-depth.
• Influence skills - In-depth.
• Data driven decision making - In-depth.

Job 59547