Job Description

About the Role
This role is in the CTSD&I IT&V group. The Independent Testing & Validation team is responsible for the development and design of methodologies and standards for review activities across the Enterprise in alignment with the Risk Management Framework, and ensuring effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies.
Market :
Responsibilities of the Senior Associate role include, but are not limited to:
Providing meaningful operational and compliance risk assessments of business and IT processes
Leading and supporting efforts to effectively challenge risks in processes and evaluate and/or test controls designed to mitigate those risks.
Developing control design and operating effectiveness testing procedures.
Executing the testing of controls with moderate supervision.
Executing the testing of design and performance for RCSA based controls.
Proactively engaging business partners to kick-off testing and lead ongoing meetings with moderate supervision.
Providing consultation and subject matter expertise for business process and IT control related matters including evaluating severity of control deficiencies and related remediation efforts.
Documenting test results and any issues identified while also providing recommendations to management, including identifying compensating controls and residual risk to issues identified.
Proactively communicating issues to stakeholders and identifying issue ownership.
Developing clear and concise reporting to be shared with IT&V management and Front Line Units.
Providing Credible Challenge to the First Line Units as needed.
Building relationships and collaborating with key stakeholders in the applicable line of business and IT functions related to assigned areas.

Required Qualifications
6 years of relevant experience in risk management (includes compliance, financial crimes, operational risk, internal audit, IT systems security, business process management) or 6 years of financial services industry experience.
4 years direct experience Audit, Compliance, Risk and testing
Desired Qualifications
Knowledge and understanding of financial services industry: compliance, risk management, or audit operations
Specialized knowledge or prior regulatory compliance testing or review experience
Experience reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, initiatives, products and internal controls; and identifying issues resulting from internal and/or external compliance examinations
Experience testing policy, procedures, control and business process testing
Experience creating, executing, and documenting compliance, control, and business process testing
Intermediate Microsoft Office (Word, Excel, Outlook, and PowerPoint)
Ability to take on a high level of responsibility, initiative, and accountability
Ability to present to executives

OTHER DESIRED QUALIFICATIONS:
Minimum two years at Big Four/super regional public accounting firm with experience in business process, regulatory, or IT audit and/or business process, regulatory, or IT SoX advisory/consulting service.
Knowledge and understanding of Technology and Information Security Frameworks and standards (COBIT, COSO, FFIEC, NIST, ISO).
Experience supporting SOX/SOC, Regulatory Exams (Domestic and Intl), Audits, or other technology control related assessments.
Demonstrated success with influencing business units to identify, formulate and implement processes/procedures to mitigate risk.
Demonstrated negotiation skills, especially with difficult topics when partnering with lines of business and technology. This includes the willingness and ability to question decisions, understand direction and escalate issues, where necessary

One or more of the following certifications:
Certified Internal Auditor (CIA)
Certified Information Systems Auditor (CISA)
Certified Anti-Money Laundering Specialist (CAMS)
Certified Financial Crimes Specialist (CFCS)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC
Education: Any Graduate
Industry: Financial Services/Stockbroking, Banking

Skills Required