Operational IT Control Analyst - Tekfortune Inc.
Mclean, VA
About the Job
Tekfortune is a fast-growing consulting firm specialized in permanent, contract & project-based staffing services for worlds leading organizations in a broad range of industries. In this quickly changing economic landscape, virtual recruiting and remote work are critical for the future of work. To support the active project demands and skills gaps, our staffing experts can help you find the best job for you.
Role: Operational IT Control Analyst
Remote Role
6+ Months Contract
Requirements:
Experience with one or more of the following areas - IT Risk or IT Audit or IT Control Testing
Experience with reviewing or assessing IT related risks and or testing controls - around cybersecurity, risk management, information technology covering data quality, privacy, resilience, change management, infrastructure/architecture, capacity and performance.
Proven experience in one or more areas : control assessment, technology risk management, and third-party risk management.
If expertise in IT Risk assessments - should know Inherent Risk and Residual Risk assessment
If expertise in IT Control Testing - should have experience with Test of Design and Test of Operating Effectiveness
IT experience in Audit - should have experience with QA/QC of evidence to be submitted to Auditors
Bachelor's degree in Security and Risk Analysis, Information Technology
3+ years is a must
Key Responsibilities:
Conduct comprehensive reviews and testing of controls across various domains including enterprise change management, data protection, and third-party risk assessments.
Collaborate with client control teams to review and validate evidence, ensuring successful remediation of identified issues.
Standardize processes for determining annual control testing programs in alignment with organizational objectives.
Develop future-state processes for client issue management cycles, evaluating existing structures and governance documents to enhance efficiency and effectiveness.
Review and validate evidence provided for remediation of regulatory findings, ensuring compliance with regulatory requirements.
Develop and deliver training programs to upskill technical staff on fundamental risk management concepts and best practices.
Conduct cybersecurity control gap risk assessments across data governance, IT, and operational resilience functions to identify control and process risks.
Develop Target Operating Models (TOMs) aligned with industry frameworks (e.g., NIST, ISO) to remediate regulatory findings and control gaps.
Manage teams to ensure timely completion of engagements within required regulatory timelines.
Develop consolidated workflows to enhance user consent management processes and reduce privacy risks for financial clients.
Facilitate collaboration between non-technical and technical teams to streamline processes and foster cross-functional relationships.
Review and evaluate IT controls and practices during due diligence processes, providing recommendations to C-Suite executives on potential IT risks and remediation strategies.
Assist clients in transitioning to updated regulatory frameworks (e.g., NIST 800-53 Rev 5) by evaluating control catalogs and developing updated processes.
Preferred Requirements:
Attention to detail and good communication skills
Collaboration and consensus building skills
Certification in CISSP, NIST framework or SOC2 related controls is a plus including frameworks GDPR, CCPA
Master's degree in Security and Risk Analysis, Information Technology
For more information and other jobs available please contact our recruitment team at careers@tekfortune.com . To view all the jobs available in the USA and Asia please visit our website at https://www.tekfortune.com/careers/ .
Role: Operational IT Control Analyst
Remote Role
6+ Months Contract
Requirements:
Experience with one or more of the following areas - IT Risk or IT Audit or IT Control Testing
Experience with reviewing or assessing IT related risks and or testing controls - around cybersecurity, risk management, information technology covering data quality, privacy, resilience, change management, infrastructure/architecture, capacity and performance.
Proven experience in one or more areas : control assessment, technology risk management, and third-party risk management.
If expertise in IT Risk assessments - should know Inherent Risk and Residual Risk assessment
If expertise in IT Control Testing - should have experience with Test of Design and Test of Operating Effectiveness
IT experience in Audit - should have experience with QA/QC of evidence to be submitted to Auditors
Bachelor's degree in Security and Risk Analysis, Information Technology
3+ years is a must
Key Responsibilities:
Conduct comprehensive reviews and testing of controls across various domains including enterprise change management, data protection, and third-party risk assessments.
Collaborate with client control teams to review and validate evidence, ensuring successful remediation of identified issues.
Standardize processes for determining annual control testing programs in alignment with organizational objectives.
Develop future-state processes for client issue management cycles, evaluating existing structures and governance documents to enhance efficiency and effectiveness.
Review and validate evidence provided for remediation of regulatory findings, ensuring compliance with regulatory requirements.
Develop and deliver training programs to upskill technical staff on fundamental risk management concepts and best practices.
Conduct cybersecurity control gap risk assessments across data governance, IT, and operational resilience functions to identify control and process risks.
Develop Target Operating Models (TOMs) aligned with industry frameworks (e.g., NIST, ISO) to remediate regulatory findings and control gaps.
Manage teams to ensure timely completion of engagements within required regulatory timelines.
Develop consolidated workflows to enhance user consent management processes and reduce privacy risks for financial clients.
Facilitate collaboration between non-technical and technical teams to streamline processes and foster cross-functional relationships.
Review and evaluate IT controls and practices during due diligence processes, providing recommendations to C-Suite executives on potential IT risks and remediation strategies.
Assist clients in transitioning to updated regulatory frameworks (e.g., NIST 800-53 Rev 5) by evaluating control catalogs and developing updated processes.
Preferred Requirements:
Attention to detail and good communication skills
Collaboration and consensus building skills
Certification in CISSP, NIST framework or SOC2 related controls is a plus including frameworks GDPR, CCPA
Master's degree in Security and Risk Analysis, Information Technology
For more information and other jobs available please contact our recruitment team at careers@tekfortune.com . To view all the jobs available in the USA and Asia please visit our website at https://www.tekfortune.com/careers/ .
Source : Tekfortune Inc.