Technology Risk & Governance Consultant

ProViso Staffing
Old Toronto
CAD 80,000 - 100,000
Job description

Story Behind the Need

Business group: Internal Controls and Regulatory Management
Project: IT Risk Management team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for client and the Bank for all technology risk domains, including Cyber Security, Data Privacy, Software Currency, Disaster and Backup Recovery, Third Party Management, and Audit and Regulatory issue remediation.
Reason: new requirement

Candidate Value Proposition:

There are many exciting opportunities to grow in the areas of technology governance, risk management of technology and cyber security risks, and work with many cross-functional teams within the Bank. Be a part of dynamic team with focus on process improvements and automations.

Typical Day in Role:

The main responsibility includes but not limited to: Review and revise as needed the IT and cyber security risk assessment processes, results, and artifacts to reduce overlaps and gaps and to produce results that are reusable, complete, accurate, current, can be aggregated, and are consistently actioned.
Document a consolidated view of, and consistent aspects of the approach (e.g., taxonomy) to, the IT and cyber risk assessment program is required to enable consistency, completeness, and accurate information in support of governance, oversight, and reporting. Initial tasks that will need to be completed include, but are not limited to:

  1. Create a risk assessment universe, for IT and cyber specific assessments and to clarify the role of each assessment and certain aspects of organizational assessments (e.g., using an IT process taxonomy and a risk taxonomy)
  2. Develop a clear standard to align and aggregate results, and to assess and treat IT and cyber security gaps from risk assessments
  3. Deploy the risk assessment universe, and capabilities to support the expectations of the standard, in an appropriately robust tool including workflows and consistent documentation.

Candidate Requirements/Must Have Skills:

• Candidates should have a breadth of IT, and/or non-financial Risk management experience (governance, operations, audit, control functions, compliance, risk management) over 10+ years.
• Requires strong working knowledge in IT Risk management experience in 5+ areas including but not limited to; systems design, security, availability/stability/resiliency, disaster recovery, third party risk management, change management, release management, audit, regulatory risk, logical access, software currency. Exposure to cloud controls would be an asset.
• Knowledge of banking businesses including related systems, procedures, regulations expected. Additional merit awarded for experience in relevant portfolio business line.
• Strong PPT presentation design and delivery expected as part of the leadership team. Data Analytics and Visual dashboarding would be desirable.
• Knowledge or understanding of Risk / Control frameworks is desirable (ITIL, ISO, COBIT, NIST).

Nice-To-Have Skills:

• Big 4 consulting experience will be an asset.
• Additional relevant Certifications would be an asset – ITIL V3 Foundation Cert. in ITSM, COBIT, CRISC, CISSP.
• Experience with technology and cyber security risk assessments, including Threat Risk Assessments, self-risk control assessments, vulnerability assessments, etc.

Soft Skills:

• Possessing a diverse set of skills and knowledge across various fields, enabling adaptability and a broad perspective in problem-solving.
• The ability to reason systematically and evaluate information objectively to make sound decisions and solve complex problems.
• Examining and interpreting data to extract meaningful insights, identify trends, and support decision-making processes.
• Effectively engaging and communicating with all parties involved in a project to ensure their needs and expectations are met.
• The ability to convey information clearly and effectively, both verbally and in writing, to various audiences.
• Of managing tasks and responsibilities autonomously, requiring little oversight to achieve goals.
• Driven by personal initiative and a strong internal desire to achieve and excel without needing external encouragement.
• The ability to plan, prioritize, and manage time and resources efficiently to achieve objectives.

Education:

Bachelor’s degree in computer science, Engineering, Business Commerce, or equivalent experience.

Best VS. Average Candidate:

Well rounded candidate with soft skills and must have skills.

Candidate Review & Selection:

1st round – Director & Team member –in-person preferred / MS teams – 45mins.
2nd round – With stakeholders of the role – MS teams – 30mins
The team will be assessing both soft and technical skills.

Job Details

Job ID: 12621

Contract Duration: 12 months

Location: Toronto

Get a free, confidential resume review.
Select file or drag and drop it
Avatar
Free online coaching
Improve your chances of getting that interview invitation!
Be the first to explore new Technology Risk & Governance Consultant jobs in Old Toronto