About PFI
PFI Innovation Centre India is an exciting new innovation center. We’re building a future that helps people live better lives longer— and we’re looking for bold thinkers and team players to help us do it. Here, you'll tackle complex challenges, collaborate with brilliant minds across the globe, and grow your career while helping millions achieve financial security.
A PURPOSE DRIVEN COMPANY – 150 YEARS
While the PFI Innovation Centre India brand is new to India, you’ll be a part of the Prudential Financial, Inc. family. Founded in 1875 in Newark, New Jersey, we serve 50 million customers across more than 50 countries. With $1.334 trillion in assets, we're a global leader in institutional asset management. The 2nd largest life insurer in the US and the 9th largest institutional global asset manager.
At PFI Innovation Centre India, you’ll find a high-performance culture that’s flexible, collaborative and grounded in respect. We engage with candor, take calibrated risks, and hold ourselves accountable — always focused on delivering for our customers. It’s the standard we choose every day as we grow, perform, and win as one team.
We offer valuable leadership, mentoring and learning opportunities, paired with the flexibility and support to help you thrive.
Whether you're just starting out or ready to take your next step, we’ll help you grow with purpose and do the best work of your career.
Job Summary
Functions as a Director, Controls Testing within the First Line Information Technology Operational Risk (ITOR) group with accountability for a portfolio of technology and information/cyber security risk reviews across Global Technology and Operations (GTO) including the Enterprise Information Security Office (ISO), Chief Technology Office (CTO) Chief Data and Artificial Intelligence Office (CDAIO) groups including risks and controls of the company’s Enterprise Resiliency and Third Party Risk Management. This role leads multiple concurrent reviews and testing teams to ensure the effective and efficient completion of assessment activities for in scope areas of review coverage in accordance with department and industry standards. The individual drives the development of comprehensive risk assessments and review approaches to adequately evaluate the design and effectiveness of controls and ensures reviews are executed effectively. The individual maintains deep expertise in audit, risk and control methodology and the relevant technology and operations domains, provides day to day leadership and development for review teams and administrative direct reports (work planning, staffing, coaching, and performance feedback). and serves as a trusted partner to leaders in the first line and control functions the second and third lines.
Key Responsibilities
The Director, Controls Testing, is primarily responsible for leading the end-to-end delivery of one or more complex reviews while overseeing additional workstreams in parallel, from risk assessment and scoping through testing, issue development, reporting and closure. The role sets clear engagement strategy and expectations, structures an appropriate first line testing approach, and ensures consistent application of methodology, documentation standards, and quality controls. The individual proactively identifies and resolves workflow issues and escalates significant or atypical issues, as needed. The candidate has a deep understanding of testing practices, risk and control methodology and business or functional areas of responsibility. The role requires strong stakeholder management, including the ability to influence senior management, align on risk acceptance and remediation, and maintain effective partnerships with second and third line control functions. The individual is expected to lead and develop talent through coaching and review of workpapers, contribution to staffing and scheduling decisions, and fostering a continuous improvement mindset across the program.
What you can expect:
- Drive and continuously refine the annual first line review plan to cover information technology and information/cyber security risks globally, as well as other key initiatives driven by GTO in support of an evolving technology, security strategy (e.g., Cloud, DevOps, Automation) and operations functions.
- Serving as an information technology and information security expert for both vertical and horizontal review coverage.
- Partnering with first line teams across the globe to achieve consistent, coordinated, coverage of GTO related risks and controls.
- Build and maintain collaborative relationships across the GTO as well as with key stakeholders across the Company to facilitate the execution of the audit plan as well as the sharing of observations, information, and ideas.
- Ensure risks and exposures are clearly understood by key partners and gain consensus from management to understand, manage, and mitigate information technology and information/cyber security risks in line with an evolving business strategy.
- Monitor issues and trends throughout the year to recommend targeted enhancements to control design, testing, approach and governments in support of the advancement of the annual review plan.
- Remain current with industry views related to Cyber Security, Cloud, DevOps, information security, TPRM, and Resilience topics.
- Lead and execute engagements that meet the department’s methodologies and quality standards.
- Remain committed to personal advancement and educate others on key risks, controls, as well as support staff development, recruiting, performance management, and succession planning.
- Leverage data analytics and develop review programs in support of risk assessments, audit design, and execution related to key GTO risks.
- Assist and provide guidance to team on continuous monitoring meetings, year over year review coverage, aggregation of key issues for SLT members, and key stakeholder meetings.
Qualifications
-
8+ years of relevant experience gained through a combination of information security/technology, risk and/or audit related roles, including leading complex engagements and managing multiple concurrent deliverables. Specifically, experience in cloud operations, cyber security operations, vulnerability management or other IT operation-based specialist roles.
- Demonstrated expertise in the intricacies associated with a global company and its information technology/cyber security risk profile, including expanding regulatory requirements
- Strong knowledge of emerging topics and current analytical methods and techniques used to monitor and manage relevant risks.
- Track record of supervising, coaching, and developing talent; experience with work planning, staffing, and reviewing team deliverables for quality and consistency. Proven stakeholder management and influencing skills, with experience communicating complex topics to senior management and driving alignment on issues, ownership, and remediation.
-
Strong analytical and problem-solving skills, including the ability to leverage data, metrics, and analytics to inform scoping, testing strategy, and thematic insights.
-
Executive level communication skills, both oral and written, and the ability to partner effectively with multiple business groups, corporate areas, and second and third lines teams.
-
Bachelor’s degree related to technology, risk management, finance, or other quantitative fields of study
It’d be a plus if you had:
-
Experience in leveraging and/or performing data analysis in support of internal auditing.
-
Advanced degrees in information technology or cyber security are preferred: An MBA, CIA, CISA, CISSP and/or designations/certifications (e.g., AI, AWS Cloud Practitioner) that demonstrate proficiency in information technology, information security, and/or cyber security related risks and controls is a plus.