

Randstad Digital Americas
Senior IT Risk & Control Analyst (QA/Challenge Function)
This role is for a Senior IT Risk & Control Analyst (QA/Challenge Function) on a contract basis in Mount Laurel, New Jersey, offering $40 - $42 per hour. Requires 3-5 years in info security, audit, and certifications like CRISC or CISM. Key skills include IT Audit methodology, Agile, and Jira.
Country: United States
Currency: $ USD
Day rate: 336
Date: March 1, 2026
Duration: Unknown
Location: On-site
Contract: Unknown
Security: Unknown
Location detailed: Mount Laurel, NJ
Skills detailed: #Kanban #Logging #BI (Business Intelligence) #Security #Scrum #Microsoft Power BI #Compliance #Quality Assurance #Documentation #Jira #SharePoint #Alation #Lean #Scala #Agile #AI (Artificial Intelligence) #Python #Monitoring #Vulnerability Management #Programming #ML (Machine Learning)
Role description
Job Summary
This role supports the execution of independent Quality Assurance (QA) and remediation reviews for audit and regulatory findings. You will partner with technology teams, operational risk management (ORM), and compliance stakeholders to ensure strong control hygiene and timely risk reduction.
Job Specific Accountabilities
QA & Challenge: Conduct quality assurance reviews and challenge remediation action plans for internal audit and regulatory findings.
Remediation Assessment: Evaluate whether action plans sufficiently address root causes, risk drivers, and control design gaps.
Evidence Validation: Assess remediation evidence for accuracy, completeness, and sustainability against established QA rubrics and control standards.
Gap Identification: Identify weaknesses or misalignment with policy, standards, and regulatory expectations.
Documentation: Maintain clear, defensible records of review results, conclusions, and rationale.
Risk Escalation: Assess residual risk and escalate concerns where remediation effectiveness is found insufficient.
Control Evaluation: Review controls across Access Management, Change Management, Vulnerability Management, Data Protection, Logging/Monitoring, and Third-Party Risk.
Stakeholder Engagement: Interact with technology owners to clarify remediation approaches; collaborate with Audit and 2nd/3rd Lines of Defense (LOD).
Innovation: Contribute to continuous improvement using Agile/Lean methods and explore leading-edge solutions (AI, ML, Power BI, Python).
Candidate Requirements
Experience & Education
Years of Experience: 3-5 years in info security, tech risk, or audit.
Education: University degree or relevant equivalent experience.
Certifications: CRISC, CISM, CISA, or CISSP (considered an asset/highly preferred).
Hard Skills (Must-Haves)
Audit Background: Expert knowledge of IT Audit and Control methodology.
Governance Frameworks: Knowledge of COBIT 5, NIST, ISO 27001, and CIS.
Agile Methodology: Experience in Scrum, Kanban, or Extreme Programming within a Challenge function.
Tools: Jira (required), MS Suite (PowerPoint, Teams, Excel), Confluence, and SharePoint.
Write-up Ability: Exceptional business writing for meticulous documentation and rationales.
Technical Competencies
Control Design: Experience reviewing control implementation and operating effectiveness.
Data Analytics: Understanding of data collection and analysis to resolve data issues.
Reporting: Experience with KPIs and KRIs (Key Performance/Risk Indicators) and Technology Risk analytics.
GRC Tools: Exposure to platforms like Archer or ServiceNow.
Summary of Daily Work
Typical Day: Forward-facing role managing communications, tracking review progress, and conducting quality checks.
Meeting Cadence: 10-15 hours per week.
Interactions: High visibility with both internal and external stakeholders across all levels (Technical to Executive Management).
Culture: A collaborative, supportive, and diverse team of 6 people covering various background segments.
location: Mount Laurel, New Jersey
job type: Contract
salary: $40 - 42 per hour
work hours: 8am to 5pm
education: Bachelors
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).
This posting is open for thirty (30) days.






