Home
Jobs

IT Control Tester Specialist

7 - 12 years

10 - 20 Lacs

Posted:17 hours ago| Platform: Naukri logo

Apply

Work Mode

Work from Office

Job Type

Full Time

Job Description


control testing job descriptions

. They will be the same key roles and responsibilities, but each headcount will have specific focus/expertise as outlined in 1-4 below. This should give high level summary of specific qualification/experience in resources that we look for.

  1. Information Security/Cyber Security
  2. Infrastructure, cloud platform, network, and service management, software engineering/SLDC
  3. Data
  4. ITGC and business application controls

Key Role & Responsibilities

  • Conduct and document thorough walkthrough of IT controls
  • Design test plans and document test steps to assess the control design and operating effectiveness
  • Create/prepare a document request list and work with control owners/performers to obtain evidence supporting the control execution and validation that the control is working as intended.
  • Complete control testing workpaper and maintain detailed records of testing results, findings, and recommendations.
  • Address workpaper review comments and independent review and challenge from the Second Line of Defense

Specific Skillsets & Experiences

  • Experience with IT internal audit or other risk assurance functions
  • Knowledge of industry and compliance frameworks i.e., NIST cybersecurity framework, CIS, ITIL, PCI, FedRAMP
  • Strong understanding of risk management methodologies, and security control testing techniques.
  • Strong verbal and written communication skills, with the ability to lead walkthroughs with control owners/performers, and construct questions and follow-ups.
  • Focus on each headcount:
  1. Information Security/Cyber security focus - Technical skills and experiences with particular focus/familiarity on the following control areas or tools, but not limited to:

    • Network security - firewall, NAC, Network Intrusion Prevention/detection, WAF, Web filtering/Web traffic (i.e., FireMon, Cisco ISE, Cloudflare etc.)
    • Cyber data protection/data security - DLP, data discover/classification, email security, cloud data security/CASB, database security and encryption (i.e., Trellix, Proofpoint, Varonis, Purview, Imperva)
    • Servers and endpoint security - Antivirus/Antimalware, Device, protection, Endpoint privilege access (i.e., Crowdstrike, Absolute, Beyond Trust)
    • Cyber defense SIEM, MSSP, and SOC for log forwarding/ingestion/and monitoring, Cyber Threat Intelligence
    • Cloud platform security
    • Application and API security – OWASP principles, SAST, SCA, DAST, secret scanning
    • Access and Authentication/Privilege access (i.e., SailPoint, Okta/Auth0, Delinea)
  2. Infrastructure, cloud platform, and network, and service management, software engineering/SDLC focus - Technical skills and experiences with particular focus on the following control areas/concepts, but not limited to:

    • Server and Directory service management – Build/image, configuration management, certification management, backup and recovery, Active Directory, Patching
    • Workstations, Virtual Desktops, Mobile Devices – Build/Image, MAM, Patching
    • Cloud platform management – AWS/AWS well-architected framework, Azure, IaC/automated build template
    • Platform and application observability
    • Disaster recovery – Data center DR test, High availability, cloud recovery
    • Service management – Hardware/software asset management, software licensing, CMDB, change management, incident and problem management
    • SLDC – DevSecOps concept, Coding services (IaC, service mesh etc.), Code repository, CI/CD, Quality engineering and quality assurance
  3. Data focus - Technical skills and experiences with particular focus on the following areas/concepts, but not limited to:

    • Database administration – Database design/structure, access controls, build, configuration, backup, jobs, and other maintenance and security measures (i.e., SQL, PostgreSQL)
    • Data warehouse platform/data development/transformation – Design/architecture, Data modeling, ETL, data obfuscation and masking (i.e., Snowflake, Coalesce)
    • Data transit/exchange connection/data file transfers – Monitoring, Logging, Secure file transfer/protocols, error handling
    • Data governance and quality management – Metadata management, Data lineage, Data quality rules, Data defect management (i.e., Collibra)
  4. ITGC and business application controls / SOX focus (e.g., system interface and integration) - Technical skills and experiences with particular focus on the following areas/concepts

    • Testing of SOX ITGC / IT general controls
    • Testing of business applications controls – Automated application interface and integration, system/application

Please share your profile at surbhi.malhotra@nlbtech.com

Mock Interview

Practice Video Interview with JobPe AI

Start Cyber Security Interview
cta

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

coding practice

Enhance Your Skills

Practice coding challenges to boost your skills

Start Practicing Now
NLB Services
NLB Services

Information Technology and Services

Phoenix

51-200 Employees

198 Jobs

    Key People

  • Nand Lal Bhagat

    Founder & CEO
  • James Smith

    Chief Operating Officer

RecommendedJobs for You