Cyber Risk Validation Consultant || Auburn Hills, Michigan

• Execute comprehensive validation and testing of remediated Cybersecurity risk issues to ensure effective closure, sustained compliance, and prevention of recurrence across regulatory frameworks including SOX, FFIEC, OCC, Fed guidance, and other applicable financial services regulations

• Review and analyze original regulatory findings, management responses, and proposed remediation plans
• Classify issues by regulatory framework (SOX, FFIEC, GLBA, etc.), severity level, and business impact
• Establish validation scope, timing, and resource requirements for each remediation effort
• Coordinate with management to understand implemented controls and process changes

• Design comprehensive testing procedures tailored to specific regulatory requirements and issue types
• Establish sampling methodologies for large populations or system-wide implementations
• Define evidence requirements and documentation standards for validation activities
• Create validation workpapers and testing templates aligned with regulatory examination standards

• Evaluate the adequacy of control design to address identified regulatory deficiencies
• Assess whether implemented controls align with regulatory expectations and industry best practices
• Review control documentation, process flows, and procedural updates for completeness and accuracy
• Validate control ownership assignments and responsibility matrices

• Confirm remediation activities address root causes identified in original regulatory findings
• Verify compliance with specific regulatory guidance, circulars, and examination manual requirements
• Assess integration with existing control framework and potential control gaps or overlaps
• Review management's consideration of similar risks across the organization

• Test operating effectiveness of remediated controls through substantive testing procedures
• Perform walkthrough procedures with control owners to understand implementation and execution
• Execute transaction testing, system configuration reviews, and exception handling validation
• Assess control frequency, timing, and consistency with documented procedures

• Evaluate control performance over a sufficient period to demonstrate sustained effectiveness
• Test control execution across different business cycles, volumes, and operating conditions
• Review management monitoring activities and self-assessment procedures
• Validate exception identification, escalation, and resolution processes

• Evaluate completeness and accuracy of remediation evidence and supporting documentation
• Review policy updates, procedural changes, and training materials for adequacy
• Assess management reporting mechanisms and governance oversight documentation
• Validate record retention and audit trail requirements compliance

• Test accuracy and completeness of management information systems and reporting
• Review exception reporting, key risk indicators, and performance metrics
• Validate escalation procedures and management response protocols

Kanak Elite Services Inc