IT Senior Controls Testing Analyst

  • Centro Corporativo El Cafetal, Heredia, Heredia, Costa Rica
  • Full-time
  • Department: Legal & Compliance
  • Role Type: Hybrid
  • Employee Status: Regular
  • Schedule: Full Time
  • Shift: Day Shift

Company Description

Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine. With a focus on our employees, we have been certified for the third time as Great Place To Work (GPTW). Experian Consumer Information Services is redefining the way our clients do business within all aspects of the customer credit lifecycle. Fueled by best-in-class data and innovative technology we help businesses make smarter decisions, identify consumers, make decisions on loans, market to prospects and collect.

Job Description

Role Description

Reporting to the Head of Data Security Assurance, but with day-to-day accountability to the Controls Testing Lead, the Controls Testing Analyst be responsible for performing control testing over access management risks across the Experian global, with the potential to expand into other areas of data security testing.  They will also support the controls testing lead in the risk assessment and planning activities and the analytics team in the identification and development of analytics.

The Controls Testing Analyst will be responsible for developing and executing controls testing plans and for communicating, agreeing and monitoring gaps in controls in line with Experian risk management processes and in collaboration with other assurance functions across the first, second and third line of defense. 

Major Job Functions:

  • Support the development and maintenance of the testing methodology for the access management hub bringing innovative ideas to improve our testing performance and supporting the team in transitioning to new ways of working.
  • Develops testing plans leveraging a combination of advanced analytics and manual activities and executes testing across multiple business units and regions, coordinating activities with senior stakeholders.
  • Prepares draft reports reflecting the results of work performed and advises the business on appropriate solutions and remediation activities engaging other 2LOD and Subject Matter experts in agreeing action plans.  Presents results to senior management to get buy in and agreement to action.
  • Collaborate with the Data Analytics team to identify opportunities for converting manual testing into continuous monitoring activity and to follow up on the results of continuous monitoring and analytics.
  • Directs the analytics team to adjust and improve models and visualizations based on results of testing and future testing plans.
  • Supports the controls testing lead in the maintenance of the risk universe to support the identification and prioritization of testing and reporting of results and coverage. 
  • Acts as a role model for other control testing and risk functions around the business in the use of innovative testing techniques, automation and analytics.


Essential Abilities:

  • Desired relevant professional or academic qualifications: (CISA, CISSP, CISM, QiCA or equivalent)
  • 4+ years’ experience in information security controls assurance or IT audit. 
  • Big 4’ and/or internal audit experience desirable.
  • Demonstrates high levels of personal integrity at all times.
  • Strong oral and written communication skills.
  • Influencing skills so that senior management will buy-in to changes being proposed.
  • The ability to work independently and proactively.
  • A commercial and pragmatic approach to governance and change.
  • A problem solver who proposes innovative solutions.
  • An approach that champions collaboration and consultation.
  • Ability to work independently and proactively.
  • Experience in performing access management control testing.
  • Ability to assess risks and identify suitable controls to mitigate risks.  
  • Attention to detail, adept at queries, report writing and presenting findings.
  • Experience of working in a multinational environment.

Advantageous Abilities

  • Experience of data analytics or continuous monitoring.
  • Experience of identity and access management tooling.
  • Experience of cloud computing (e.g. AWS).

Additional Information

Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work, Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

Privacy Policy