Information Risk Officer - SOX IT General Controls Testing @ING Hubs Romania
at ING
București, Municipiul București, Romania -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 19 Dec, 2024 | Not Specified | 24 Sep, 2024 | 3 year(s) or above | Test Scripts,Case,Testing Process | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
Discover ING Hubs Romania
ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of over 1700 high-performing engineers, risk, and operations professionals.
We started out in 2015 as ING’s software development hub – a distinct entity from ING Bank Romania – then steadily expanded our range to include more services and competencies.
Now we provide borderless services with bank-wide capabilities and operate from two locations: Bucharest and Cluj-Napoca.
Our tech capabilities remain the core of our business, with more than 1500 colleagues active in Data Management, Touchpoint Channels & Integration, Core Banking, and Global Products.
We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.
For us, impact isn’t a perk. It’s the driver of our work.
We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you?
Mission
This position is located within the ING Regional Information Risk Management Centre (IRIC), part of the ING Non-Financial Risk & Compliance HUB, in Bucharest, Romania. IRIC currently provides support to the ING Information Risk Management community in performing Information, Technology & Continuity Risk Management services for various ING entities. IRIC offers a service portfolio that includes the following:
- 2nd line risk management activities for ING entities;
- Second Line Monitoring activities for SOX IT Generic controls;
- Other information risk or business continuity management related activities might be provided by the IRIC to other ING entities. This will assist ING business units as well as Corporate Information Risk Management (CIRM) to manage the Information & Technology or Continuity Risk profiles of ING Bank in a sound manner.
Within the IRIC Romania, you will be part of a team of Information& Technology Risk Management Officers and Continuity Risk Management Specialists, with various backgrounds (IT audit, IT, Information Security, Risk management), which means that you will have the necessary internal community to guide you through the process of becoming an Information& Technology Risk Management professional and help you with answers to your questions, as needed.
With this open position we are looking to fill in an open spot in the Second Line Monitoring for IT General Controls team - thus we are looking for candidates with experience in SOX IT Generic controls testing, either from a tester or from an auditor/reviewer of the testing process point of view.
This is an excellent opportunity for individuals seeking challenging SOx IT generic controls compliance work, being part of a central team, which is continuously expanding its internal clients portfolio and of a regional team which fosters career development opportunities, both local & international, in the risk management field.
Your day-to-day
Your day-to-day activities will be specific to the service you would be allocated, but, over time, you will build knowledge in all the tasks described below:
- Establish strong working relationships with internal clients stakeholders;
- Manage internal clients through the whole SOX testing process, by challenging & advising on SOX requirements for compliance in each phase of the SOX lifecycle;
- Assess the quality of the test of existence, by participating in and reviewing the documentation of the Walkthrough;
- Assess the quality of the test of design and operating effectiveness, by reviewing the documentation of the tests (test scripts and test evidences);
- Perform Independent Testing, in case the outcome of the reviews performed for test of design or operating effectiveness indicate reasons of concerns;
- Review of SOX Evaluation meeting documentation;
- Ensure that the documentation and testing complies with standards and allows for reliance by the external auditors;
- When consulted, support entities in challenging & advising on the assessment of identified deficiencies and proposed mitigating actions;
What are we looking for
We are looking for an energetic, self-motivated team-player to be part of the IRIC team.
Ideally you have the following in your portfolio:
- University BSc Degree or equivalent, preferably in the IT field;
- 2 – 3 years experience in SOx IT General Controls testing process;
- Focused, self-driven and results oriented;
- Analytical with the ability to think broadly but also with attention to detail;
- Good analytical skills and sound judgement;
- Excellent communication skills - clear, concise verbal and written communications (presentations, meetings, emails, etc.);
- Fluency in English (written and spoken).
Responsibilities:
- Establish strong working relationships with internal clients stakeholders;
- Manage internal clients through the whole SOX testing process, by challenging & advising on SOX requirements for compliance in each phase of the SOX lifecycle;
- Assess the quality of the test of existence, by participating in and reviewing the documentation of the Walkthrough;
- Assess the quality of the test of design and operating effectiveness, by reviewing the documentation of the tests (test scripts and test evidences);
- Perform Independent Testing, in case the outcome of the reviews performed for test of design or operating effectiveness indicate reasons of concerns;
- Review of SOX Evaluation meeting documentation;
- Ensure that the documentation and testing complies with standards and allows for reliance by the external auditors;
- When consulted, support entities in challenging & advising on the assessment of identified deficiencies and proposed mitigating actions
REQUIREMENT SUMMARY
Min:3.0Max:8.0 year(s)
Financial Services
IT Software - QA & Testing
Finance
BSc
IT
Proficient
1
București, Romania