Full-Time Cybersecurity Controls Assurance Senior Manager

• Oversee the information security control testing program, collaborating across regions.
• Manage a team of testers to assess information systems per corporate security standards.
• Design repeatable testing methodologies, including automation for cloud environments.
• Plan control tests with risk identification, sampling, control selection, testing methods, and reporting criteria.
• Manage teams in testing the design and effectiveness of security controls, including fieldwork and reporting.
• Ensure quality assurance for control testing documentation.
• Compile management reports and presentations on risks, controls, and deficiencies.
• Be the primary contact for control tests, ensuring quality engagements and partner communications.
• Improve the efficiency of the control testing program by standardizing indicators and testing materials.

• Bachelor's degree in computer science, management information systems, or equivalent experience.
• 3+ years managing IT auditors or Information Security control assessors.
• 12+ years in IT Audit or Information Security control assessments, including cloud security controls.
• Professional certifications like CISA, CISM, CISSP, ISO 27001 Lead Auditor.
• Knowledge of standards like NIST 800-53, ISO 27001/27002, CIS Controls, COBIT.
• Experience with automated and manual methods for evaluating security controls on-premise and in cloud environments.
• Communicate complex information.
• Use partner feedback to improve processes.

• Knowledge of security tools like Sailpoint, Rapid7, Wiz.io, MS Defender.
• Experience with cloud security in AWS and Azure.
• Automation, data-driven testing techniques, and generative AI for control assurance.
• Create queries and reports using RSA Archer and ServiceNow.
• Familiarity with Kanban boards and Jira.

• Big 4 consultant experience.
• Knowledge of cybersecurity principles: integrity, availability, authentication, non-repudiation.
• Mentor junior team members, encouraging continuous improvement.
• Security reporting to senior management on posture, control effectiveness, risks.
• Apply security governance, risk, and control principles.
• Proficiency in automation and data analytics tools (Excel, Tableau, Alteryx, PowerBI).
• Agile working methodology experience.

What is the last date for applying to the job?

Which countries are accepted for this remote job?