Now Hiring: IT Compliance & Controls Testing Manager
We are seeking an experienced
IT Compliance & Controls Testing Manager
to join our Risk & Compliance organization. This role sits within the
Second Line of Defense
, supporting independent testing activities to ensure technology controls, cybersecurity practices, and operational processes comply with internal policies and external regulatory requirements.
About the Role In this position, you will lead and perform independent control testing across IT and cybersecurity environments, evaluating both the
design and operating effectiveness of controls
. You will help identify control gaps, document findings, and recommend remediation actions that strengthen the organization’s overall risk posture.
You will work closely with business teams, IT stakeholders, and internal control partners to ensure transparency, accuracy, and accountability in all compliance testing activities.
Key Responsibilities
• Develop and execute testing procedures aligned with regulatory requirements, policies, and control frameworks
• Perform
design effectiveness and operating effectiveness testing
of IT and security controls
• Identify control weaknesses and document findings, root cause analysis, and remediation recommendations
• Prepare detailed workpapers and formal testing reports to support audit-ready documentation
• Collaborate with business units and control owners to validate issues and corrective actions
• Maintain strong working relationships across risk, compliance, cybersecurity, and IT teams
• Support continuous improvement of the testing methodology and compliance framework
Required Qualifications
• 4+ years of experience in IT audit, cybersecurity, risk, or compliance testing
• Strong understanding of IT controls, governance, and regulatory frameworks
• Experience applying policies, standards, and regulations to IT environments
• Knowledge of cybersecurity principles and control frameworks
• Strong documentation, reporting, and analytical skills
• Proficiency in Microsoft Office (Word, Excel, PowerPoint)
• Excellent communication skills with ability to work across all levels of management
⭐ Preferred Qualifications
• 6+ years of experience in IT audit or cybersecurity within a large or regulated financial organization
• Certifications such as
CISA, CIA, CISSP, CISM, CRISC, or CDPSE
• Experience in “Second Line of Defense” or enterprise risk functions
• Familiarity with control testing methodologies and enterprise risk frameworks
Ideal Candidate Profile
You are someone who enjoys:
• Finding hidden risks in systems and processes
• Working with rules, controls, and structured testing frameworks
• Writing clear, detailed documentation and reports
• Collaborating with technical and business teams to improve security and compliance
• Ensuring systems are safe, compliant, and audit-ready
Work Arrangement
• Remote opportunity (U.S. based)
Apply tot his job
Apply To this Job