Mass Fintech Careers

IT Controls Assurance Testing Lead, VP

State Street

Quincy, MA, USA
Posted on Wednesday, January 24, 2024

The Technology Business Controls Team is a First Line of Defense function responsible for driving effective technology risk management and controls assurance at State Street. We are seeking an individual to lead the execution of the IT Sarbanes-Oxley (SOX) program. This program will ensure IT general controls over financial reporting are sound and effective to support compliance with SOX program requirements. Candidates must demonstrate a breadth of knowledge of IT general controls and a thorough understanding of the Sarbanes-Oxley Act, and must be able to liaise with controls owners and the Second and Third Lines of Defense to achieve program objectives.

Specific job responsibilities include:

  • Manage the execution of controls testing fieldwork in accordance with IT SOX program requirements
  • Lead and drive the development of controls assurance resources and ensure quality and consistency of IT SOX testing methodology and work papers
  • Draft clear and meaningful findings, assessment reports, presentations, and other materials for Sr. Management
  • Monitor and track results of related IT controls assurance activities, identifying themes across the organization to determine if appropriate corrective action has been taken
  • Develop and maintain controls assurance KRIs and KPIs
  • Work with Second Line to define and manage IT controls assurance scope
  • Collaborate with IT and Business Stakeholders in updating IT controls and processes


  • Minimum of 10+ years of experience in technology risk management, audit and/or compliance
  • Candidate should have expertise in IT General Controls and a sound understanding of IT platforms, applications, and related technology
  • Deep knowledge of industry Risk and Control frameworks (COSO, COBIT, NIST, ISO, etc.)
  • Proven interpersonal, communication and project management skills (PMP)
  • Risk and/or Audit certifications and/or related qualifications (i.e., CISA, CRISC, CISM, CISSP)
  • Advanced MS Excel, Word and PowerPoint skills
  • Desired experience in RSA Archer GRC solution

Salary Range:

$140,000 - $222,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.