control tester

A Senior-level Control Tester with hands-on experience in:Security control testingWriting issues, findings, and reportsReviewing evidence and documenting resultsControl assurance and security control review cyclesExperience in Information Security and IT Audit is preferred, but:Years of experience are flexible (no strict requirement for 8+ years).As long as the candidate has solid, hands-on control testing experience, they will be considered.Key ResponsibilitiesPerforming security control testing and reviewing documentation.Preparing reports, issue write-ups, and summaries.Participating in end-to-end testing cycles (review, assess, document, report).Supporting a high volume of control testing over the next few months.No current requirement for specific frameworks like ISO 27001; primary focus is security controls only.Tools & Testing ApproachMixture of manual and automated testing.Early testing and standard control assurance practices.The testing scope varies depending on the business unit.Candidate RequirementsFlexible on experience (does not require 8 years).Strong security control testing background is essential.Experience in report writing and issue documentation.Certifications (CISA, CISSP, ISO LA) are nice-to-have, not required.Work ScheduleTeam operates on Costa Rica time (similar to US Central).Typical schedule is 8am–5pm Costa Rica time, but the manager is flexible:Could allow 7am–4pm or similar adjustmentsFocus is on delivering work on time rather than strict hours