Information Risk Officer - SOX IT General Controls Testing @ING Hubs Romania

at  ING

București, Municipiul București, Romania -

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate19 Dec, 2024Not Specified24 Sep, 20243 year(s) or aboveTest Scripts,Case,Testing ProcessNoNo
Add to Wishlist Apply All Jobs
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

Discover ING Hubs Romania
ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of over 1700 high-performing engineers, risk, and operations professionals.
We started out in 2015 as ING’s software development hub – a distinct entity from ING Bank Romania – then steadily expanded our range to include more services and competencies.
Now we provide borderless services with bank-wide capabilities and operate from two locations: Bucharest and Cluj-Napoca.
Our tech capabilities remain the core of our business, with more than 1500 colleagues active in Data Management, Touchpoint Channels & Integration, Core Banking, and Global Products.
We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.
For us, impact isn’t a perk. It’s the driver of our work.
We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you?
Mission

This position is located within the ING Regional Information Risk Management Centre (IRIC), part of the ING Non-Financial Risk & Compliance HUB, in Bucharest, Romania. IRIC currently provides support to the ING Information Risk Management community in performing Information, Technology & Continuity Risk Management services for various ING entities. IRIC offers a service portfolio that includes the following:

  • 2nd line risk management activities for ING entities;
  • Second Line Monitoring activities for SOX IT Generic controls;
  • Other information risk or business continuity management related activities might be provided by the IRIC to other ING entities. This will assist ING business units as well as Corporate Information Risk Management (CIRM) to manage the Information & Technology or Continuity Risk profiles of ING Bank in a sound manner.

Within the IRIC Romania, you will be part of a team of Information& Technology Risk Management Officers and Continuity Risk Management Specialists, with various backgrounds (IT audit, IT, Information Security, Risk management), which means that you will have the necessary internal community to guide you through the process of becoming an Information& Technology Risk Management professional and help you with answers to your questions, as needed.
With this open position we are looking to fill in an open spot in the Second Line Monitoring for IT General Controls team - thus we are looking for candidates with experience in SOX IT Generic controls testing, either from a tester or from an auditor/reviewer of the testing process point of view.
This is an excellent opportunity for individuals seeking challenging SOx IT generic controls compliance work, being part of a central team, which is continuously expanding its internal clients portfolio and of a regional team which fosters career development opportunities, both local & international, in the risk management field.
Your day-to-day

Your day-to-day activities will be specific to the service you would be allocated, but, over time, you will build knowledge in all the tasks described below:

  • Establish strong working relationships with internal clients stakeholders;
  • Manage internal clients through the whole SOX testing process, by challenging & advising on SOX requirements for compliance in each phase of the SOX lifecycle;
  • Assess the quality of the test of existence, by participating in and reviewing the documentation of the Walkthrough;
  • Assess the quality of the test of design and operating effectiveness, by reviewing the documentation of the tests (test scripts and test evidences);
  • Perform Independent Testing, in case the outcome of the reviews performed for test of design or operating effectiveness indicate reasons of concerns;
  • Review of SOX Evaluation meeting documentation;
  • Ensure that the documentation and testing complies with standards and allows for reliance by the external auditors;
  • When consulted, support entities in challenging & advising on the assessment of identified deficiencies and proposed mitigating actions;

What are we looking for
We are looking for an energetic, self-motivated team-player to be part of the IRIC team.

Ideally you have the following in your portfolio:

  • University BSc Degree or equivalent, preferably in the IT field;
  • 2 – 3 years experience in SOx IT General Controls testing process;
  • Focused, self-driven and results oriented;
  • Analytical with the ability to think broadly but also with attention to detail;
  • Good analytical skills and sound judgement;
  • Excellent communication skills - clear, concise verbal and written communications (presentations, meetings, emails, etc.);
  • Fluency in English (written and spoken).

Responsibilities:

  • Establish strong working relationships with internal clients stakeholders;
  • Manage internal clients through the whole SOX testing process, by challenging & advising on SOX requirements for compliance in each phase of the SOX lifecycle;
  • Assess the quality of the test of existence, by participating in and reviewing the documentation of the Walkthrough;
  • Assess the quality of the test of design and operating effectiveness, by reviewing the documentation of the tests (test scripts and test evidences);
  • Perform Independent Testing, in case the outcome of the reviews performed for test of design or operating effectiveness indicate reasons of concerns;
  • Review of SOX Evaluation meeting documentation;
  • Ensure that the documentation and testing complies with standards and allows for reliance by the external auditors;
  • When consulted, support entities in challenging & advising on the assessment of identified deficiencies and proposed mitigating actions


REQUIREMENT SUMMARY

Min:3.0Max:8.0 year(s)

Financial Services

IT Software - QA & Testing

Finance

BSc

IT

Proficient

1

București, Romania