Business Control Specialist III

Retail BE IT General Controls Tester Job Description

The financial industry is a sector of constant change and transformation - yesterday wants are today needs. Customer and regulator demand, advancements in technology and digitization, product innovations and new ways of banking – all elements of the world around us are evolving at lightning speed.
We as ING does not want only to adapt, we want to stay a step ahead. This requires talented professionals who will continuously seek for improvements of our existing processes and bringing fresh ideas into practice.

Our Control Hub teams are a first line of defense providing the ING business and functions with guidance and standardized solutions in the area of Non-Financial and IT Risk Key Control Testing. Given the span of scope you will be working with many colleagues from different disciplines, geographies and backgrounds.

As IT General Controls Tester, these will be your main responsibilities and duties :

• Conduct compliance testing of information systems and applications security management against internal security standards.
• Execution of IT Key Controls (SOX, Lifecycle) by comparing the delivered evidence with required evidence according to the Minimum Standards.
• Execution of IT Application Controls testing (SOX) by validating provided evidence with defined evidence per Control Description Sheet.
• Assess the completeness and accuracy of Information Produced by Entity (IPE) and Information Used in Controls (IUC) in compliance with defined requirements.
• Come to a conclusion Effective/Ineffective test and make the required registration of the findings
• Give input for the evaluation of Ineffective test results to determine Deficiencies on a regular time interval basis (formal sign-offs)
• Come up with improvements on the way of testing, required evidence, work-instructions, automation, test scripts,
• Ensures efficient communication with employees responsible for testing management and for providing evidence to be reviewed in the testing
• Act as a deputy team lead by supporting the team lead in managing daily operations, coordinating tasks, monitoring performance, ensuring compliance with policies, and serving as a point of escalation for issues.
• In addition to the above mentioned tasks other activities and responsibilities in information security area may be individually defined.

Personality requirements and skills

• Ability to work independently
• Experience in the IT Industry (IT Security, IT risk management, IT Testing, IT Service Desk, Identity & Access Management )
• You are considering yourself as pro-active and a motivated professional
• You are corporate organization sensitive and are capable of working under pressure.
• You are a real team player and recognize the importance of working together.
• Experience with enterprise-level processes and controls (Sox testing experience preferred) are welcomed
• Ability to define the steps to take the risk and to make test process lean and first time right
• Experience with SNOW ITRMP is advantage
• CISSP or CISA certification(s) are also highly welcomed