IT Controls Specialist

We are seeking an experienced IT Controls professional to oversee, assess, and enhance the effectiveness of IT general controls (ITGCs) and application controls within our client's reinsurance technology environment. The role ensures compliance with regulatory frameworks, internal risk policies, and audit requirements across all IT systems supporting underwriting, claims, finance, and actuarial operations.

Key Responsibilities

• IT Controls Management
• Design, implement, and maintain IT general controls (access management, change management, IT operations, etc.) aligned with company policies and regulatory standards (e.g., SOX, Solvency II, GDPR).
• Evaluate application controls within reinsurance platforms (e.g., underwriting, claims, pricing systems).
• Monitor compliance with internal control frameworks (e.g., COSO, COBIT).
• Assist with execution of user access reviews across key applications and infrastructure.
• Review and evaluate SOC 1 reports from third-party service providers to assess control effectiveness and impact on financial reporting.
• Perform audit evidence collection and review to support internal and external audit activities.
• Review change artifacts (e.g., change tickets, approvals, test results) to ensure compliance with change management policies.
• Track and monitor IT changes to ensure proper authorization, testing, and documentation throughout the change lifecycle.
• Risk & Compliance
• Perform IT risk assessments to identify potential weaknesses or threats to system integrity and data confidentiality.
• Work with internal audit, external audit, and risk teams to provide control evidence and respond to audit findings.
• Maintain documentation of IT control processes, test plans, and remediation activities.
• Testing & Reporting
• Conduct ITGC and application control testing to assess design and operational effectiveness.
• Develop reports and dashboards summarizing control performance and remediation status.
• Ensure timely closure of identified control deficiencies.
• Collaboration
• Partner with IT infrastructure, cybersecurity, and business application teams to ensure control integration.
• Support control automation initiatives and continuous improvement programs.
  
  
  

Qualifications

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.
• 5 years of experience in IT controls, IT audit, or IT risk management preferably in reinsurance, insurance, or financial services.
• Strong understanding of ITGCs, application controls, and risk frameworks (COBIT, COSO, ISO 27001).
• Knowledge of reinsurance business systems and data flows is an advantage.
• Experience with audit and compliance tools (e.g., Archer, ServiceNow GRC, TeamMate) preferred.
• Professional certifications such as CISA, CRISC, CISSP, or CPA are highly desirable.
  
  
  

Preferred Experience

• Exposure to AWS environments and understanding of cloud control frameworks.
• Familiarity with CyberArk for privileged access management.
• Experience using Jira for change and incident tracking.
• Prior experience with a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in IT audit, risk advisory, or assurance.
• Knowledge of SailPoint or similar identity governance tools.