Director - SOX Control Effectiveness Testing Lead - Investment Bank

Director - SOX Control Effectiveness Testing Lead :: Investment Bank :: Pune

Description:

- The primary objective of the role is to lead and direct the performance and delivery of the IT Control Effectiveness Testing service, covering the end-to-end IT controls testing lifecycle from approach and scope definition, through effectiveness testing, to development of remediation plans and reporting. It will require the creation of a new outstanding capability that builds on existing technology control testing elsewhere within the Bank.

- The service also includes the performance, management and reporting of the outcomes from independent thematic reviews. This includes liaising with senior leadership across the IT, CTOO and Finance organizations globally, and external assurance providers and audit teams.

- Additionally, leading the reporting and communication of IT control gaps and thematic issues across the organization to senior leadership and formal governance bodies as well as leading the identification of opportunities for control testing efficiencies (i.e., "test once and use many") and automation in line with the Group Chief Technology and Operations Officer strategy.

We are looking for:

- Proven track record in delivering of IT control effectiveness testing, including SOX and testing relating to other external testing requirements, across any of the three lines of defense (LOD), or as an external auditor, preferably in the Financial Services industry

- Proven experience of engaging and maintaining the relationships with senior partners across IT and CTOO organizations, as well as external assurance providers and auditors, to deliver IT control effectiveness testing to required timeframes

- Consistent track record of setting the strategic direction and approach for a unified testing capability, satisfying multiple internal and external requirements,

- Proven experience managing large-scale, impactful hybrid teams comprising of permanent team members, augmented with resources from third-party providers, to meet demand, as well crafting a career paths and supporting progression for team members

- Experience in communicating control issues and impact to the Board and IT Executive Committee, IT teams and the business across divisions and geographies, helping them understand of the impact of control issues on the broader IT risk and control environment

- Deep understanding of Operational Risk and application and technology control design, IT risk and control frameworks and industry good practice

- Experience in presenting complex issues confidently and concisely to Technology Senior Executives and other key partners using non-technical easily understood language

- Knowledge of IS/IT control frameworks, professional standards, and leading practices including professional qualifications and certifications (e.g. COBiT, ITIL, COSO, CISA etc.)

- A hard-working and with can-do attitude!

- Dedication to fostering an inclusive culture and value diverse perspectives.