Technology Control Testing Lead

Capital.com
Summary
Join a leading, globally expanding trading platform with award-winning products, seeking talented individuals to contribute to its continued success. The role involves designing and maintaining a robust technology control testing framework, aligning with risk management standards. Responsibilities include developing testing methodologies, establishing control testing policies, and ensuring seamless integration with the Operational Risk Management Framework. The position requires extensive experience in technology risk management, IT audit, or control testing within a regulated financial environment, along with strong technical skills and regulatory knowledge. The company offers a competitive salary, work-life harmony, annual performance bonuses, generous time off, employee referral programs, comprehensive health and pension benefits, and unique perks like workation days and volunteer days.
Requirements
- 5-7 years of experience in technology risk management, IT audit, or control testing within a regulated FinTech or financial services environment
- Strong background in assessing IT and cybersecurity controls, including experience with cloud environments, DevSecOps practices, and digital payment platforms
- Proven ability to perform tests of controls (design and operating effectiveness)
- Strong understanding of operational processes, risk frameworks, and regulatory requirements
- Proficiency in using governance, risk, and compliance (GRC) tools and control testing platforms
- Familiarity with IT control frameworks such as NIST Cybersecurity Framework, ISO 27001, and COBIT
- Proficiency with GRC platforms and testing tools (e.g., RSA Archer, ServiceNow, or LogicGate)
- Advanced knowledge of data analysis tools (e.g., Excel, SQL) and reporting tools (e.g., Tableau, Power BI)
- Strong understanding of cloud security, data protection technologies, and cybersecurity protocols
- Experience in managing regulatory audits
- Ability to work collaboratively with regional and global partners in other functional units, navigate a complex organisation, and influence and lead people across cultures at a senior level
- Excellent problem-solving skills, inquisitive nature and comfort challenging current practices
- Proven track record of taking ideas forward without supervision and challenging others, where appropriate
- Adept at developing relationships with senior business executives, with a reputation for partnering across organisational lines to mitigate risks
- Highly disciplined, able to work with limited supervision and make independent decisions
- Strong organisational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results
- High level of professionalism, self-motivation, and sense of urgency
- Bachelor’s degree in Computer Science, Information Technology, Risk Management, or a related field
Responsibilities
- Design and maintain a robust technology control testing framework aligned with risk management standards (e.g., NIST, ISO 27001, COBIT, ITIL)
- Develop and update testing methodologies, ensuring they address key risks related to IT infrastructure, cybersecurity, cloud services, and software development
- Establish and maintain control testing policies and procedures that align with regulatory and internal governance requirements
- Ensure the control testing framework integrates seamlessly with the broader Operational Risk Management Framework (ORMF)
- Maintain a comprehensive control library, mapping controls to risks and business objectives
- Plan and execute detailed control testing activities across IT operations, systems, and processes, including:
  - Cybersecurity controls (e.g., firewalls, encryption, access management)
  - Cloud computing controls (e.g., AWS, Azure, Google Cloud)
  - Data protection controls (e.g., GDPR compliance, data backups)
  - Incident management processes and disaster recovery testing
- Test both the design and operating effectiveness of IT controls
- Prioritise control testing activities based on risk assessments, focusing on high-risk areas such as payment systems, customer data protection, and regulatory reporting
- Document and communicate control deficiencies to relevant stakeholders
- Work with technology teams to develop, track, and implement remediation plans to address identified control gaps
- Perform follow-up testing to validate the resolution of issues and confirm effectiveness
- Assess IT controls of third-party vendors and service providers, ensuring compliance with contractual and regulatory obligations
- Support vendor risk management activities by evaluating third-party cybersecurity and IT governance controls
- Document findings and control weaknesses, ensuring they are communicated clearly to relevant stakeholders
- Work with control owners and process teams to develop and track remediation plans for identified deficiencies, ensuring timely resolution
- Conduct follow-up testing to validate the implementation and effectiveness of corrective actions
- Collaborate with risk teams to ensure control testing aligns with the organisation’s risk assessment and regulatory requirements
- Present findings and recommendations to senior leadership, providing actionable insights to improve the control environment
- Support regulatory audits and examinations by providing control testing documentation and responding to inquiries
- Ensure the organisation is prepared for external reviews of its control environment
Preferred Qualifications
Advanced degree (e.g., MS in Cybersecurity, MBA) is a plus
Benefits
- Competitive Salary: We believe great work deserves great pay! Your skills and talents will be rewarded with a salary that makes you feel valued and motivated
- Work-Life Harmony: Join a company that genuinely cares about you, because your life outside of work matters just as much as your time on the clock
- Annual Performance Bonus: Your hard work doesn’t go unnoticed! Celebrate your achievements with a well-deserved annual bonus tied to your performance
- Generous Time Off: Need a breather? Our annual leave policy lets you recharge and enjoy life outside of work without a worry
- Employee Referral Program: Love working here? Share the love! Bring your talented friends on board and get rewarded for growing our awesome team
- Comprehensive Health & Pension Benefits: From medical insurance to pension plans, we’ve got your back. Plus, location-specific benefits and perks!
- Workation Wonderland: Live your digital nomad dreams with 30 extra days to work remotely from anywhere in the world (some restrictions apply). Adventure awaits!
- Volunteer Days: Make a difference! Take two additional paid days each year to support causes you care about and give back to the community
