Basic Purpose

The Analyst will serve in an Asset Based Testing role that will help plan, scope, execute, and report testing of IT and Information Security controls. The Analyst will be responsible for all phases of the assessment and communications with business partners and other stakeholders. They will work in an Agile environment.

Responsibilities

Planning & Scoping of Asset Based Assessments to include development of communications, risk & control matrices, scope documents and other supporting informationPerform walk-throughs with business partners identifying actual versus expected controlsCreate test strategies to test actual controlsDocument all work performed to meet the IIA reperformance standardDocument issues and final reportsPresent to leadership results of assessmentsAny other duties as assigned to support the program

Qualifications

Experience in control testing to include experience in some of the three lines of defense (Audit, ERM, First Line areas)Experience in working with all levels of staff, management, stakeholders, and third partiesCISSP, CISA, CRISC, CCSP or other Information Security certifications

Bank Secrecy Section

Remains cognizant of and adheres to Navy Federal policies, procedures and regulations pertaining to the BankSecrecy Act.