Information Security Control Testing Lead

Information Security Control Testing Lead required for a global financial services firm. As part of the CCO, you will partner closely with Technology teams to assess risks, test controls, and drive consistent, high-quality control standards across the first line.

As a Technology Risk & Security Control Testing Lead, you will:

• Improve oversight of non-financial risks by partnering with first-line business and technology owners
• Drive best practice and consistency in risk and control standards across the organisation
• Support a risk-aware culture where employees understand their role in managing risk
• Perform risk assessments and control testing (RCSA) for Technology risk and control owners
• Contribute to testing strategy, methodology, and continuous improvement initiatives
• Deliver testing plans, report results, and track remediation progress
• Escalate material testing issues and emerging themes where appropriate
• Build strong relationships across Technology, Risk, and Controls teams

• Experience in risk assessment and control/assurance testing from a 1
  
  LOD, 2
  
  LOD, or 3
  
  LOD role
• Strong understanding of Information Security & Technology Risk within Financial Services or a highly regulated environment
• Ability to identify, assess, and challenge risks associated with technology delivery
• Minimum 3+ years' experience in one or more of:
  • Information Security Risk Management
  • Internal Audit
  • Compliance
• Experience engaging with regulators is desirable

• Candidates from 2
  
  LOD or 3
  
  LOD looking to move into a 1
  
  LOD role
• Candidates with 1
  
  LOD control ownership, remediation, validation, or Technology experience

• CISSP
• CISM