OPENING

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talented team.

REQUIREMENTS:

• 
  
  
  
• 5-7 years of experience in technology risk management, IT audit, or control testing within a regulated FinTech or financial services environment.

• Strong background in assessing IT and cybersecurity controls, including experience with cloud environments, DevSecOps practices, and digital payment platforms.
• Proven ability to perform test of controls (design and operating effectiveness)
• Strong understanding of operational processes, risk frameworks, and regulatory requirements.
• Proficiency in using governance, risk, and compliance (GRC) tools and control testing platforms.
• Familiarity with IT control frameworks such as NIST Cybersecurity Framework, ISO 27001, and COBIT.
• Proficiency with GRC platforms and testing tools (e.g., RSA Archer, ServiceNow, or LogicGate).
• Advanced knowledge of data analysis tools (e.g., Excel, SQL) and reporting tools (e.g., Tableau, Power BI).
• Strong understanding of cloud security, data protectiontechnologies, and cybersecurity protocols.
• Experience in managing regulatory audits.
• Ability to work collaboratively with regional and global partners in other functional units; ability to navigate a complex organisation; to influence and lead people across cultures at a senior level
• Excellent problem-solving skills, inquisitive nature and comfort challenging current practices.
• Proven track record of taking ideas forward without supervision and challenging others, where appropriate.
• Adapt at developing relationships with senior business executives with a reputation for partnering across organisation lines to mitigate risks.
• Highly disciplined, able to work with limited supervision and make independent decisions.
• Strong organisational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results.
• High level of professionalism, self-motivation, and sense of urgency.
• Bachelor’s degree in Computer Science, Information Technology, Risk Management, or a related field.
• Advanced degree (e.g., MS in Cybersecurity, MBA) is a plus.What you will get in return:
• Competitive Salary: We believe great work deserves great pay! Your skills and talents will be rewarded with a salary that makes you feel valued and motivated.
• Work-Life Harmony: Join a company that genuinely cares about you—because your life outside of work matters just as much as your time on the clock.
• Annual Performance Bonus: Your hard work doesn’t go unnoticed! Celebrate your achievements with a well-deserved annual bonus tied to your performance.
• Generous Time Off: Need a breather? Our annual leave policy lets you recharge and enjoy life outside of work without a worry.
• Employee Referral Program: Love working here? Share the love! Bring your talented friends on board and get rewarded for growing our awesome team.
• Comprehensive Health & Pension Benefits: From medical insurance to pension plans, we’ve got your back. Plus, location-specific benefits and perks!
• Workation Wonderland: Live your digital nomad dreams with 30 extra days to work remotely from anywhere in the world (some restrictions apply). Adventure awaits!
• Volunteer Days: Make a difference! Take two additional paid days each year to support causes you care about and give back to the community.

• Design and maintain a robust technology control testing framework aligned with risk management standards (e.g., NIST, ISO 27001, COBIT, ITIL).
• Develop and update testing methodologies, ensuring they address key risks related to IT infrastructure, cybersecurity, cloud services, and software development.
• Establish and maintain control testing policies and procedures that align with regulatory and internal governance requirements.
• Ensure the control testing framework integrates seamlessly with the broader Operational Risk Management Framework (ORMF).
• Maintain a comprehensive control library, mapping controls to risks and business objectives.
• Plan and execute detailed control testing activities across IT operations, systems, and processes, including:
• Cybersecurity controls (e.g., firewalls, encryption, access management).
• Cloud computing controls (e.g., AWS, Azure, Google Cloud).
• Data protection controls (e.g., GDPR compliance, data backups).
• Incident management processes and disaster recovery testing.
• Test both the design and operating effectiveness of IT controls.
• Prioritise control testing activities based on risk assessments, focusing on high-risk areas such as payment systems, customer data protection, and regulatory reporting.
• Document and communicate control deficiencies to relevant stakeholders.
• Work with technology teams to develop, track, and implement remediation plans to address identified control gaps.
• Perform follow-up testing to validate the resolution of issues and confirm effectiveness.
• Assess IT controls of third-party vendors and service providers, ensuring compliance with contractual and regulatory obligations.
• Support vendor risk management activities by evaluating third-party cybersecurity and IT governance controls.
• Document findings and control weaknesses, ensuring they are communicated clearly to relevant stakeholders.
• Work with control owners and process teams to develop and track remediation plans for identified deficiencies, ensuring timely resolution.
• Conduct follow-up testing to validate the implementation and effectiveness of corrective actions.
• Collaborate with risk teams to ensure control testing aligns with the organisation’s risk assessment and regulatory requirements.
• Present findings and recommendations to senior leadership, providing actionable insights to improve the control environment.
• Support regulatory audits and examinations by providing control testing documentation and responding to inquiries.
• Ensure the organisation is prepared for external reviews of its control environment.