Technology Controls Testing - AVP

Barclays

3mo ago

  • Job
    Full-time
    Senior & Expert Level
  • IT & Cybersecurity
    Banking & Finance
  • Pune

AI generated summary

  • You need 8-10 years in ITGC/Cyber/Application Controls, strong knowledge of IT security frameworks, hands-on IS audit experience, and relevant certifications like CISA or CISSP.
  • You will conduct control testing, ensure quality assurance, liaise with stakeholders, review management remediation, use data analytics, support risk management, and ensure regulatory compliance.

Requirements

  • This role requires extensive knowledge and working experience in Technology, Information, and Security domain.
  • Knowledge of IT architecture, networks, operating systems and database security, Active Directory, Cloud, Resiliency, SIEM tools
  • Knowledge of IS/IT Risks & Controls and respective Standards / Frameworks (e.g. COBIT, ITIL)
  • Practical experience in managing Cyber, Resilience and Physical Risks & Controls in Banking/ NBFC domains
  • Develop use cases to automate testing for efficiencies, articulate benefit of data-led approach
  • 8-10 years of testing experience of ITGC/Cyber/Application Controls
  • Understands IT processes, cyber risk, and types of controls to mitigate and manage risk
  • Responsible for the preparation of review documentation throughout the project lifecycle, in line with the methodology
  • Ability to assess and manage scope change - proactively identifies risks, issues and dependencies
  • Can manage the trade-offs of delivery within time, cost, and quality constraints
  • Hands-on experience in IS Audits / IT Assessments and GRC (Governance, Risk & Controls)
  • Analytical approach and proven ability to lead and manage issue discussions to closure
  • Strong interpersonal skills and ability to communicate effectively across a global team
  • Ability to successfully multitask and complete assignments with varying lead times
  • Self-starter & works independently
  • Able to manage a team, track delivery, and escalate challenges in a timely manner, with regular reporting to the Portfolio lead
  • Knowledge of NIST, Cloud Frameworks, Artificial Intelligence, Quantum Computing including relevant tools and technologies
  • Demonstrated use and knowledge of data analytics embedded testing
  • Depth of knowledge of key areas in cyber risk, including access management, networks, data security, system security and resilience at both application and infrastructure layers
  • Extensive knowledge and experience in one or more of the following fields: IT audit, Risk and Control, IT security
  • Relevant professional certification (CISA, CISSP, CRISC, CISM, ISO 27001) or equivalent

Responsibilities

  • Carry out annual controls testing for Cyber, General Computer Controls (GCC) and Automated Business Controls (ABC) with a deep understanding of the assessment frameworks and the applications
  • Ensure quality and accuracy of control testing by performing internal quality assurance (QA) verification as per Barclays Control Framework
  • Liaise with stakeholders across the three Lines of Defence to ensure efforts are aligned and complementary
  • Review activities undertaken by management to remediate control gaps and provide an opinion as to whether the risk has been fully mitigated and whether the implemented controls are sustainable
  • Identify and leverage appropriate data sources and data analytical techniques to deliver targeted testing
  • Support implementation of the Technology CCO strategy, wherever required, to drive global consistency and improvements in risk awareness and risk management capability by developing a close and trusted relationship with key stakeholders
  • Maintain an independent perspective, challenging as required and setting out quantified control options and risk decision recommendations
  • Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards

FAQs

What is the primary purpose of the Technology Controls Testing - AVP role?

The primary purpose of the role is to partner with the bank to provide independent assurance on control processes and advise on improvements to ensure the efficiency and effectiveness of the bank’s internal controls framework.

What are the essential skills required for this position?

Essential skills include knowledge of NIST, Cloud Frameworks, Artificial Intelligence, Quantum Computing, demonstrated use of data analytics embedded testing, depth of knowledge in cyber risk areas, and extensive experience in fields such as IT audit, Risk and Control, and IT security.

What is the expected level of experience for candidates applying for this position?

Candidates should have 8-10 years of experience in testing ITGC/Cyber/Application Controls.

What kind of professional certifications are preferred for this role?

Preferred certifications include CISA, CISSP, CRISC, CISM, ISO 27001, or equivalent.

What are the key accountabilities of this role?

Key accountabilities include carrying out annual controls testing, ensuring quality and accuracy of control testing, liaising with stakeholders, reviewing management remediation efforts for control gaps, and leveraging data sources for targeted testing.

Is experience in the Banking/NBFC domain necessary for this position?

Yes, practical experience in managing Cyber, Resilience, and Physical Risks & Controls in Banking/NBFC domains is required.

What personal attributes are important for this role?

Important attributes include strong interpersonal skills, an analytical approach, the ability to multitask, a self-starter attitude, and capacity to manage a team with effective communication.

What regulatory frameworks should candidates be familiar with?

Candidates should have knowledge of regulatory requirements, Enterprise Wide Risk Management Framework, and internal Barclays Policies and Policy Standards.

How important is data analytics in this role?

Data analytics is crucial as the role involves developing use cases to automate testing for efficiencies and delivering targeted testing through appropriate data sources and analytical techniques.

What kind of team dynamics can a candidate expect in this role?

Candidates can expect to work collaboratively with stakeholders across the three Lines of Defence and maintain an independent perspective while providing quantified control options and risk recommendations.

Industry: Finance
Employees: 10,001+
Founded Year: 1690

Mission & Purpose

Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group. With over 325 years of history and expertise in banking, Barclays operates in over 40 countries and employs approximately 83,500 people. Barclays moves, lends, invests and protects money for customers and clients worldwide. Barclays is a trading name of Barclays Bank PLC and its subsidiaries. Barclays Bank PLC is registered in England and is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Registered in England. Registered No. 1026167. Registered office: 1 Churchill Place, London E14 5HP.