Product Owner SOx IT Testing
[Permanent, full-time, Brussels]
Your role & work environment
As a IT Control Tester you will test internal IT controls to ensure that they have been designed and documented effectively and that they operated effectively throughout the year. You will assess if these controls have the ability to sufficiently mitigate inherent critical and high risks.
In addition, you will coordinate the yearly test plan and report on progress. You will also play an active role in identifying and implementing testing activities that could either be automated or offshored.
You will be an integral member of the 1st Line of Defense SOx 404 & Key Control Independent Testing team within the Centre of Expertise Safe Business and Regulatory Affairs.
Your key responsibilities
- Proactively collaborate with all stakeholders to ensure that internal controls are effectively designed and documented to meet regulatory and internal policies compliance requirements. These may include the support in documenting Bank processes, narrative, flowcharts, control design sheets and other documentations
- Work with stakeholders (Process owners, Control owners, Safe Business Officers, 2nd Line of Defense Risk Managers, Internal, External Auditors, ING Group Policy Owners, Senior Managers) on the test plans and develop a cohesive understanding of the expected evidences and on the depth of testing
- Schedule the testing tasks of the team, assist in the resolution of the testing impediments, timely escalate if necessary and monitor the overall progress of testing activities
- Perform the 1st LoD monitoring function through the test of the design and through the test of effectiveness of IT controls in scope. Ensure deadlines are met
- Develop and promote the usage of adequate tools and techniques to increase testing coverage and deliver high quality control testing results
- Act as subject matter expert of several risk areas and review the quality of the deliverables of on-site and/or offshore testing team members
- Document the test results and the supporting evidences in the ING Risk Register
- Timely communicate gaps (i.e. control exceptions and deficiencies) identified through the testing to IT control owners and other stakeholders
- Align stakeholders on the risk-based final evaluation of the controls deficiencies and assist control owners for defining remediation efforts and timeline
- Support the business and control owners to identify compensating controls and assist them to assess the likelihood and impact of controls deficiencies in a qualitative and quantitative manner
- Facilitate and monitor the progress reporting of findings remediations
- Continuously identify and implement control testing simplification, improvement opportunities and cost reduction drivers
- Ensure good coordination and collaboration with the Offshored Teams in IBSS Manila
Let’s talk about you
- You have a minimum of five years of experience in Business and/or IT general and application controls
- You have a minimum of three years of overall risk management experience performing Business and/or IT risk assessments
- You are result oriented and can work independently
- You have strong coordination skills and are able to manage multiple concurrent tasks without impact on quality of work
- You have strong oral and written communication skills
- You are a problem solver and strong team player
- You are assertive and understand emotional intelligence drivers
- You are resistant to stress
Education and knowledge
- A bachelor or Master Degree in (Applied) Economics, Commercial Engineering, Computer Science, Finance, Accountancy or Commercial Sciences
- Working knowledge in a banking environment and banking business processes is required
- Strong working knowledge of Identity and access management threats, risk and controls are required
- Working knowledge of Sarbanes Oxley 404 and related control requirements is desired
- Working knowledge of BCBS239 and ISAE SOC 2 is a plus
- ITIL, CISA, CISM, CRISK, CISSP certifications are a plus
- Project management skills are a plus
- Fluent in English, Dutch and/or French
We look for
A colleague with a talent for taking it on and making it happen, enthusiasm for helping others to be successful and a knack for always being a step ahead. In other words, you strive to bring fresh ideas to life and embrace challenges in a fast changing and complex environment. You are a naturally collaborative person who listens and invests in others to achieve common goals. You love to challenge the status quo and are eager to propose creative solutions to problems.
We offer you
A clear purpose, a unique offer and a range of flexible compensation and other benefits:
- Personal growth & challenging work with endless opportunities to realize your ambitions
- An informal, dynamic environment with innovative colleagues supporting your endeavors
- A progressive and agile way of working, where new ideas are valued ahead of convention
A hybrid way of working:
- Balancing the perks of working from the office and working from home? Yes, you can! ING recently introduced a new way of working: the hybrid mode. We give the autonomy to our employees to let them organize their work in a flexible way that suits best for them while ensuring business continuity, customer service and employee wellbeing.
Furthermore, within the Safe Bank and Regulatory Affairs center of expertise, you can count on a range of opportunities to invest in your personal and professional growth with:
- the possibility to participate in courses and trainings
- challenging working environment & a steep learning curve
We redefine banking. What about you?
There has never been a more interesting time to work at ING. We’re on a journey that’s centered around our customers, powered by technology and driven by smart, determined people. Our customers feel our people are empowering them to stay a step ahead in life and in business. We’re proud of that!