Senior Associate, Technology Controls Testing - Enterprise Services Risk

What you'll do

• Design and execute automated "Tests of Effectiveness" (ToE) for controls across AWS, Azure, and GCP.
• Use code to perform analysis and repeatable tasks to streamline internal audit workflows.
• Execute data extraction and API integration from cloud services using Python/SQL.
• Identify critical risks in major cloud service providers and escalate them appropriately.
• Research industry practices and regulatory changes to recommend policy updates.
• Build process enhancements to reduce manual audit overhead through automation tools.
• Maintain a broad understanding of cloud vulnerabilities and contribute to risk mitigation.

What we're looking for

• At least 2 years of experience in risk management or related fields.
• Hands-on experience with cloud technologies (AWS, GCP, Azure) and automation tools.
• Experience designing and executing automated control testing plans.
• Skilled at identifying control gaps through code analysis and process enhancement.
• Professional certifications such as CRISC, CISM, CISSP, or cloud-specific certifications.
• Ability to communicate technical risks effectively to non-technical stakeholders.
• Experience with data extraction, analysis, and visualization from cloud APIs.