Junior Control Tester
Spectraforce
Toronto, Ontario
2 hours ago
Job Description
Title: Junior Control Tester – Procurement
Line of Business: Procurement
Contract duration: 1 year
Extension likelihood: Yes
Possibility of conversion to FTE: Yes
Working hours: 37.5 hours/wk – 9:00am to 5:00pm
Location: Toronto, ON (Hybrid – 3 days in office)
High level team overview: This role is with Procurement. Monitoring & Testing of controls.
Team Size: 16 to 17 people
Purpose:
The Intermediate Control Tester helps maintain and strengthen an effective internal control framework within the Procurement Line of Business—Global Third Party Risk Management, Sourcing, Supplier Relationship Management, Procurement Operations, and Accounts Payable—by performing quarterly PRC (Process, Risk, Controls) monitoring and testing. The role combines a risk-based IT audit approach aligned to the CISA job practice domains with project management discipline to ensure controls are well designed, operating effectively, and reported on reliably.
Day to day:
• Perform design and operating effectiveness testing of Procurement controls in accordance with the Monitoring & Testing Handbook; identify testing populations and select statistically sound samples; document procedures, evidence, and conclusions.
• Conduct control walkthroughs with stakeholders across Procurement functions to validate process understanding and control design; review internal operating procedures for alignment with control objectives.
• Apply risk-based audit planning and execution, including sampling methodology, audit evidence collection techniques, audit data analytics, and clear reporting and communication of results to stakeholders.
• Test IT Automated controls and project management related controls
• Assess IT-related control dependencies (e.g., IT governance, vendor/third-party management, data governance and classification) that impact Procurement controls and third-party risk oversight.
• Execute risk-based IT testing, including general IT controls, application controls, and cybersecurity assessments, across on-premise and cloud environments.
• Evaluate data management practices, including data classification, protection, privacy controls, and overall data lifecycle management to safeguard sensitive information
• Plan and manage testing activities, schedules, and deliverables using PMP domain practices—People, Process, Business Environment—including stakeholder engagement, communications, risk management, and benefits/value alignment.
• Assist the Senior Manager with periodic reporting, governance meeting materials, and status updates, ensuring clarity of results, remediation actions, and timelines.
• Support consistency, transparency, and accuracy of the internal control governance framework across Procurement; identify emerging issues and recommend enhancements to controls and testing approaches.
• Contribute input to operational programs supporting risk/control frameworks (e.g., COSO/COBIT/SOX methods and testing standards).
Competencies:
• Risk-based audit planning and execution, including audit standards, sampling methodology, and evidence collection; quality assurance of audit process.
• IT governance and vendor/third-party management understanding to evaluate control effectiveness across IT automated controls
• People domain: stakeholder engagement, team leadership, conflict management, and communication.
• Process domain: planning and managing scope, schedule, quality, risks, procurement, and change to deliver testing outcomes with urgency and value.
• Business Environment domain: alignment to compliance, benefits/value realization, and responsiveness to external changes impacting Procurement controls.
Must Have:
• Post-secondary degree in Business, Finance, Accounting, Information Systems, or related field; 3+ years of relevant experience (internal controls testing, risk management, preferably audit, or compliance).
• Strong analytical, sampling, and audit data analytics skills; excellent written and verbal communication; influence and collaboration skills across cross-functional teams; ability to manage ambiguity in a dynamic environment.
• Data-driven decision-making capabilities.
Nice to Have:
• Working knowledge of risk policy and control frameworks (e.g., SOX 404, COSO, COBIT) and banking/regulatory environments.
• Financial Industry experience
Interview Process: In person – Min 1 round, max 2 – Hiring manager & Director
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 34.00/hr.
Line of Business: Procurement
Contract duration: 1 year
Extension likelihood: Yes
Possibility of conversion to FTE: Yes
Working hours: 37.5 hours/wk – 9:00am to 5:00pm
Location: Toronto, ON (Hybrid – 3 days in office)
High level team overview: This role is with Procurement. Monitoring & Testing of controls.
Team Size: 16 to 17 people
Purpose:
The Intermediate Control Tester helps maintain and strengthen an effective internal control framework within the Procurement Line of Business—Global Third Party Risk Management, Sourcing, Supplier Relationship Management, Procurement Operations, and Accounts Payable—by performing quarterly PRC (Process, Risk, Controls) monitoring and testing. The role combines a risk-based IT audit approach aligned to the CISA job practice domains with project management discipline to ensure controls are well designed, operating effectively, and reported on reliably.
Day to day:
• Perform design and operating effectiveness testing of Procurement controls in accordance with the Monitoring & Testing Handbook; identify testing populations and select statistically sound samples; document procedures, evidence, and conclusions.
• Conduct control walkthroughs with stakeholders across Procurement functions to validate process understanding and control design; review internal operating procedures for alignment with control objectives.
• Apply risk-based audit planning and execution, including sampling methodology, audit evidence collection techniques, audit data analytics, and clear reporting and communication of results to stakeholders.
• Test IT Automated controls and project management related controls
• Assess IT-related control dependencies (e.g., IT governance, vendor/third-party management, data governance and classification) that impact Procurement controls and third-party risk oversight.
• Execute risk-based IT testing, including general IT controls, application controls, and cybersecurity assessments, across on-premise and cloud environments.
• Evaluate data management practices, including data classification, protection, privacy controls, and overall data lifecycle management to safeguard sensitive information
• Plan and manage testing activities, schedules, and deliverables using PMP domain practices—People, Process, Business Environment—including stakeholder engagement, communications, risk management, and benefits/value alignment.
• Assist the Senior Manager with periodic reporting, governance meeting materials, and status updates, ensuring clarity of results, remediation actions, and timelines.
• Support consistency, transparency, and accuracy of the internal control governance framework across Procurement; identify emerging issues and recommend enhancements to controls and testing approaches.
• Contribute input to operational programs supporting risk/control frameworks (e.g., COSO/COBIT/SOX methods and testing standards).
Competencies:
• Risk-based audit planning and execution, including audit standards, sampling methodology, and evidence collection; quality assurance of audit process.
• IT governance and vendor/third-party management understanding to evaluate control effectiveness across IT automated controls
• People domain: stakeholder engagement, team leadership, conflict management, and communication.
• Process domain: planning and managing scope, schedule, quality, risks, procurement, and change to deliver testing outcomes with urgency and value.
• Business Environment domain: alignment to compliance, benefits/value realization, and responsiveness to external changes impacting Procurement controls.
Must Have:
• Post-secondary degree in Business, Finance, Accounting, Information Systems, or related field; 3+ years of relevant experience (internal controls testing, risk management, preferably audit, or compliance).
• Strong analytical, sampling, and audit data analytics skills; excellent written and verbal communication; influence and collaboration skills across cross-functional teams; ability to manage ambiguity in a dynamic environment.
• Data-driven decision-making capabilities.
Nice to Have:
• Working knowledge of risk policy and control frameworks (e.g., SOX 404, COSO, COBIT) and banking/regulatory environments.
• Financial Industry experience
Interview Process: In person – Min 1 round, max 2 – Hiring manager & Director
Applicant Notices & Disclaimers
- For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 34.00/hr.