Control Testing Lead - Information Security

Information Security Control Testing Lead required for a global financial services firm. As part of the CCO, you will partner closely with Technology teams to assess risks, test controls, and drive consistent, high-quality control standards across the first line.

The role

As a Technology Risk & Security Control Testing Lead, you will:

• Improve oversight of non-financial risks by partnering with first-line business and technology owners

• Drive best practice and consistency in risk and control standards across the organisation

• Support a risk-aware culture where employees understand their role in managing risk

• Perform risk assessments and control testing (RCSA) for Technology risk and control owners

• Contribute to testing strategy, methodology, and continuous improvement initiatives

• Deliver testing plans, report results, and track remediation progress

• Escalate material testing issues and emerging themes where appropriate

• Build strong relationships across Technology, Risk, and Controls teams

What we're looking for

• Experience in risk assessment and control/assurance testing from a 1LOD, 2LOD, or 3LOD role

• Strong understanding of Information Security & Technology Risk within Financial Services or a highly regulated environment

• Ability to identify, assess, and challenge risks associated with technology delivery

• Minimum 3+ years' experience in one or more of:

  • Information Security Risk Management

  • Internal Audit

  • Compliance

• Experience engaging with regulators is desirable

This role would suit

• Candidates from 2LOD or 3LOD looking to move into a 1LOD role

• Candidates with 1LOD control ownership, remediation, validation, or Technology experience

Qualifications (desirable, not essential)

• CISSP

• CISM