IT Control Testing Specialist(Location: Bangalore, Kochi, Hyderabad)

Job Title:

Experience:

Locations:

About the Role

This role plays a vital role in ensuring the effectiveness of IT controls. As an IT Control Testing Specialist, you will design, execute, and document comprehensive test plans to evaluate ITGCs and ITACs.

Key Responsibilities:

Client Engagement:

Serve as the primary point of contact for clients regarding OT SOC services.

Conduct regular meetings with clients to discuss security posture, incidents, and recommendations.

Develop and maintain strong client relationships to ensure satisfaction and trust in our services.

Security Operations:

Monitor and analyze security events from OT environments to identify potential threats and vulnerabilities.

Perform real-time security monitoring and incident response for OT systems.

Utilize security information and event management (SIEM) tools to detect and respond to security incidents.

Incident Management:

Lead and coordinate the response to OT security incidents, including investigation, containment, eradication, and recovery.

Conduct root cause analysis and develop remediation plans to address security gaps.

Prepare detailed incident reports and deliver findings to clients in a clear and professional manner.

Threat Intelligence and Vulnerability Management:

Gather and analyze threat intelligence relevant to OT environments.

Conduct vulnerability assessments and penetration testing on OT systems.

Develop and implement strategies to mitigate identified vulnerabilities and enhance security controls.

Collaboration and Training:

Work closely with internal teams, including IT SOC, engineering, and risk management, to ensure comprehensive security coverage.

Provide training and guidance to clients and internal teams on OT security best practices.

Stay updated with the latest trends, technologies, and threats in OT security.

Develop and maintain a thorough understanding of IT controls frameworks and relevant regulations (e.g., SOX).

Participate in risk assessments to identify IT control deficiencies and prioritize testing activities.

Independently design and execute test plans for ITGCs and ITACs, utilizing a variety of testing methodologies.

Working knowledge in one or more domains such as: Governance policies and procedures, Risk Management, Compliance, Access Control, Security Incident Response, Disaster Recovery, Business continuity management, Identity Access Review, Change Management

Sound understanding of security technologies/techniques like Cryptography, Algorithms, Secure IT Authentication, Secure Development, Data Protection, Certificate Management Lifecycle

Perform complex test procedures using automated tools and manual techniques, documenting the results comprehensively.

Analyze test findings, identify control weaknesses, and recommend remediation actions.

Collaborate with IT and business process owners to address control deficiencies and implement corrective actions.

Experience in performing vendor security reviews covering cyber security domains

Lead and mentor junior team members in control testing practices.

Stay updated on emerging IT threats and control best practices.

Qualifications

Bachelor’s degree in information technology, Computer Science, or a related field (or equivalent experience).

1-7 years of experience in IT audit, IT security, or a similar role with a focus on IT control testing.

Strong working knowledge of IT controls frameworks and IT control testing methodologies.

Familiarity with tools like ServiceNow, Jira, or other GRC platforms.

Experience with IT control testing tools is a must.

Experience in assessing and providing recommendations on the feasibility of automating manual control testing processes.

Adaptability to manage a dynamic control population and evolving client needs.

Excellent analytical and problem-solving skills.

Strong communication, collaboration, and leadership skills.