Quality Assurance - Functional Testing Quality Assurance Analyst
Spectraforce
Toronto, Ontario
3 hours ago
Job Description
Job Title: Quality Assurance - Functional Testing Quality Assurance Analyst
Job Duration: 12 months (Possibility of conversion to FTE)
Work Location: 250 Yonge Street, Toronto, ON, 3 days onsite.
Purpose
The Intermediate Control Tester helps maintain and strengthen an effective internal control framework within the Procurement Line of Business—Global Third-Party Risk Management, Sourcing, Supplier Relationship Management, Procurement Operations, and Accounts Payable—by performing quarterly PRC (Process, Risk, Controls) monitoring and testing. The role combines a risk-based IT audit approach aligned to the CISA job practice domains with project management discipline to ensure controls are well designed, operating effectively, and reported on reliably.
Responsibilities
· Perform design and operating effectiveness testing of Procurement controls in accordance with the Monitoring & Testing Handbook; identify testing populations and select statistically sound samples; document procedures, evidence, and conclusions.
· Conduct control walkthroughs with stakeholders across Procurement functions to validate process understanding and control design; review internal operating procedures for alignment with control objectives.
· Apply risk-based audit planning and execution, including sampling methodology, audit evidence collection techniques, audit data analytics, and clear reporting and communication of results to stakeholders.
· Test IT Automated controls and project management related controls · Assess IT-related control dependencies (e.g., IT governance, vendor/third-party management, data governance and classification) that impact Procurement controls and third-party risk oversight.
· Execute risk-based IT testing, including general IT controls, application controls, and cybersecurity assessments, across on-premise and cloud environments.
· Evaluate data management practices, including data classification, protection, privacy controls, and overall data lifecycle management to safeguard sensitive information · Plan and manage testing activities, schedules, and deliverables using PMP domain practices—People, Process, Business Environment—including stakeholder engagement, communications, risk management, and benefits/value alignment.
· Assist the Senior Manager with periodic reporting, governance meeting materials, and status updates, ensuring clarity of results, remediation actions, and timelines.
· Support consistency, transparency, and accuracy of the internal control governance framework across Procurement; identify emerging issues and recommend enhancements to controls and testing approaches.
· Contribute input to operational programs supporting risk/control frameworks (e.g., COSO/COBIT/SOX methods and testing standards).
Competencies
· Risk-based audit planning and execution, including audit standards, sampling methodology, and evidence collection; quality assurance of audit process.
· IT governance and vendor/third-party management understanding to evaluate control effectiveness across IT automated controls · People domain: stakeholder engagement, team leadership, conflict management, and communication.
· Process domain: planning and managing scope, schedule, quality, risks, procurement, and change to deliver testing outcomes with urgency and value.
· Business Environment domain: alignment to compliance, benefits/value realization, and responsiveness to external changes impacting Procurement controls.
MUST HAVE
· Post-secondary degree in Business, Finance, Accounting, Information Systems, or related field; typically 3+ years of relevant experience (internal controls, risk management, preferably audit, or compliance).
· Certified Information Systems Auditor (CISA, ISACA) certification or Certified Information Systems Security Professional (CISSP) ; knowledge of the five current CISA domains (Information Systems Auditing Process; Governance & Management of IT; IS Acquisition, Development & Implementation; IS Operations & Business Resilience; Protection of Information Assets).
· Strong analytical, sampling, and audit data analytics skills; excellent written and verbal communication; influence and collaboration skills across cross-functional teams; ability to manage ambiguity in a dynamic environment.
· Data-driven decision-making capabilities.
NICE TO HAVE
· PMP (PMI) certification or progress toward it; familiarity with PMP exam domains (People, Process, Business Environment) and the PMBOK’s performance domain perspective used to deliver outcomes and value.
· Working knowledge of risk policy and control frameworks (e.g., SOX 404, COSO, COBIT) and banking/regulatory environments.
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 37.95/hr.
Job Duration: 12 months (Possibility of conversion to FTE)
Work Location: 250 Yonge Street, Toronto, ON, 3 days onsite.
Purpose
The Intermediate Control Tester helps maintain and strengthen an effective internal control framework within the Procurement Line of Business—Global Third-Party Risk Management, Sourcing, Supplier Relationship Management, Procurement Operations, and Accounts Payable—by performing quarterly PRC (Process, Risk, Controls) monitoring and testing. The role combines a risk-based IT audit approach aligned to the CISA job practice domains with project management discipline to ensure controls are well designed, operating effectively, and reported on reliably.
Responsibilities
· Perform design and operating effectiveness testing of Procurement controls in accordance with the Monitoring & Testing Handbook; identify testing populations and select statistically sound samples; document procedures, evidence, and conclusions.
· Conduct control walkthroughs with stakeholders across Procurement functions to validate process understanding and control design; review internal operating procedures for alignment with control objectives.
· Apply risk-based audit planning and execution, including sampling methodology, audit evidence collection techniques, audit data analytics, and clear reporting and communication of results to stakeholders.
· Test IT Automated controls and project management related controls · Assess IT-related control dependencies (e.g., IT governance, vendor/third-party management, data governance and classification) that impact Procurement controls and third-party risk oversight.
· Execute risk-based IT testing, including general IT controls, application controls, and cybersecurity assessments, across on-premise and cloud environments.
· Evaluate data management practices, including data classification, protection, privacy controls, and overall data lifecycle management to safeguard sensitive information · Plan and manage testing activities, schedules, and deliverables using PMP domain practices—People, Process, Business Environment—including stakeholder engagement, communications, risk management, and benefits/value alignment.
· Assist the Senior Manager with periodic reporting, governance meeting materials, and status updates, ensuring clarity of results, remediation actions, and timelines.
· Support consistency, transparency, and accuracy of the internal control governance framework across Procurement; identify emerging issues and recommend enhancements to controls and testing approaches.
· Contribute input to operational programs supporting risk/control frameworks (e.g., COSO/COBIT/SOX methods and testing standards).
Competencies
· Risk-based audit planning and execution, including audit standards, sampling methodology, and evidence collection; quality assurance of audit process.
· IT governance and vendor/third-party management understanding to evaluate control effectiveness across IT automated controls · People domain: stakeholder engagement, team leadership, conflict management, and communication.
· Process domain: planning and managing scope, schedule, quality, risks, procurement, and change to deliver testing outcomes with urgency and value.
· Business Environment domain: alignment to compliance, benefits/value realization, and responsiveness to external changes impacting Procurement controls.
MUST HAVE
· Post-secondary degree in Business, Finance, Accounting, Information Systems, or related field; typically 3+ years of relevant experience (internal controls, risk management, preferably audit, or compliance).
· Certified Information Systems Auditor (CISA, ISACA) certification or Certified Information Systems Security Professional (CISSP) ; knowledge of the five current CISA domains (Information Systems Auditing Process; Governance & Management of IT; IS Acquisition, Development & Implementation; IS Operations & Business Resilience; Protection of Information Assets).
· Strong analytical, sampling, and audit data analytics skills; excellent written and verbal communication; influence and collaboration skills across cross-functional teams; ability to manage ambiguity in a dynamic environment.
· Data-driven decision-making capabilities.
NICE TO HAVE
· PMP (PMI) certification or progress toward it; familiarity with PMP exam domains (People, Process, Business Environment) and the PMBOK’s performance domain perspective used to deliver outcomes and value.
· Working knowledge of risk policy and control frameworks (e.g., SOX 404, COSO, COBIT) and banking/regulatory environments.
Applicant Notices & Disclaimers
- For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 37.95/hr.