Haystack
← Back to Jobs
Other

Control Design & Modernization Specialist

Randstad DigitalPA🇺🇸United StatesPosted 17 Jul 2026

Quick Overview

Salary
$59 - $64/hr
Work Type
Hybrid
Level
Mid Senior

Job Description

job summary:

Role Overview


As part of Client's GRC Modernization Program, we are seeking experienced Control Design & Modernization Specialists to help transform and standardize the control environment across Enterprise Security & Fraud (ES&F). This role is focused on designing the future-state control framework. Successful candidates will review existing policies, standards, risk assessments, audit observations, regulatory requirements, and current controls to identify opportunities for simplification, standardization, automation, and Continuous Controls Monitoring (CCM). Working closely with control owners, risk partners, and subject matter experts, you will design actionable, measurable, and scalable controls that support Client's evolving risk, regulatory, and business needs.


Key Responsibilities


Control Assessment & Discovery


Review policies, standards, procedures, risk assessments, audit findings, regulatory requirements, and existing control inventories.


Assess current-state controls to identify gaps, overlaps, redundancies, and opportunities for improvement.


Evaluate existing control frameworks against industry best practices and regulatory expectations.


Future-State Control Design


Design and document future-state controls that are risk-based, measurable, testable, and scalable.


Develop clear control objectives, control activities, ownership models, evidence requirements, and implementation guidance.


Rationalize and standardize controls across multiple ES&F functions to improve consistency and effectiveness.


Design controls with automation and Continuous Controls Monitoring (CCM) capabilities in mind.


Stakeholder Engagement


Facilitate workshops and working sessions with security, technology, risk, compliance, audit, and business stakeholders.


Challenge legacy approaches and drive alignment on future-state control designs.


Build consensus across diverse stakeholder groups and ensure control designs meet business and regulatory expectations.


GRC Modernization Support


Contribute to the development of enterprise control libraries, control standards, taxonomies, and framework mappings.


Support broader GRC modernization initiatives focused on improving control effectiveness, reducing complexity, and enabling scalable assurance.


Identify opportunities to leverage automation, analytics, AI, and modern GRC practices to enhance control maturity.





location: Malvern, Pennsylvania

job type: Contract

salary: $59.18 - 64.18 per hour

work hours: 8am to 5pm

education: Bachelors



responsibilities:

Role Overview


  • As part of Client's GRC Modernization Program, we are seeking experienced Control Design & Modernization Specialists to help transform and standardize the control environment across Enterprise Security & Fraud (ES&F). This role is focused on designing the future-state control framework. Successful candidates will review existing policies, standards, risk assessments, audit observations, regulatory requirements, and current controls to identify opportunities for simplification, standardization, automation, and Continuous Controls Monitoring (CCM). Working closely with control owners, risk partners, and subject matter experts, you will design actionable, measurable, and scalable controls that support Client's evolving risk, regulatory, and business needs.


Key Responsibilities


Control Assessment & Discovery


  • Review policies, standards, procedures, risk assessments, audit findings, regulatory requirements, and existing control inventories.
  • Assess current-state controls to identify gaps, overlaps, redundancies, and opportunities for improvement.
  • Evaluate existing control frameworks against industry best practices and regulatory expectations.


Future-State Control Design


  • Design and document future-state controls that are risk-based, measurable, testable, and scalable.
  • Develop clear control objectives, control activities, ownership models, evidence requirements, and implementation guidance.
  • Rationalize and standardize controls across multiple ES&F functions to improve consistency and effectiveness.
  • Design controls with automation and Continuous Controls Monitoring (CCM) capabilities in mind.


Stakeholder Engagement


  • Facilitate workshops and working sessions with security, technology, risk, compliance, audit, and business stakeholders.
  • Challenge legacy approaches and drive alignment on future-state control designs.
  • Build consensus across diverse stakeholder groups and ensure control designs meet business and regulatory expectations.


GRC Modernization Support


  • Contribute to the development of enterprise control libraries, control standards, taxonomies, and framework mappings.
  • Support broader GRC modernization initiatives focused on improving control effectiveness, reducing complexity, and enabling scalable assurance.
  • Identify opportunities to leverage automation, analytics, AI, and modern GRC practices to enhance control maturity.




qualifications:

Qualifications


Required Qualifications


8+ years of experience in cybersecurity, risk management, governance, compliance, controls design, internal audit, or related disciplines.


Proven experience designing, enhancing, or transforming controls within financial services or other highly regulated industries.


Robust experience translating policies, standards, risks, audit findings, and regulatory requirements into effective control designs.


Deep understanding of control lifecycle management, including control design, implementation, testing, monitoring, remediation, and continuous improvement.


Demonstrated ability to lead workshops and influence senior stakeholders.


Robust analytical, documentation, and problem-solving skills.


Excellent written and verbal communication skills.


Preferred Qualifications


Experience supporting large-scale GRC modernization, control transformation, or cybersecurity governance initiatives.


Experience designing controls for Continuous Controls Monitoring (CCM) and automated assurance capabilities.


Knowledge of AI Governance, AI Risk Management, and emerging AI-related regulatory requirements.


Experience developing control libraries, taxonomies, framework mappings, and enterprise control standards.


Robust knowledge of:


NIST Cybersecurity Framework (CSF)


NIST 800-53


ISO 27002


CIS Controls


COBIT


Consulting, risk advisory, internal audit, or Big Four experience robustly preferred.


Professional certifications such as CISSP, CISM, CISA, CRISC, CIA, or CPA preferred.




Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.


Any consideration of a background check would be an individualized assessment based on the applicant or employee's specific record and the duties and requirements of the specific job.



Skills

401k
CPA
Compliance
Continuous Improvement
Internal Audit
Risk Management

Similar jobs