Role Title: Senior Technology Risk Management Specialist
Any specific tools/skillset:
- Similar experience of at least 5 years within the field of technology risk, controls and compliance
- Strong critical thinking and decision making skills
- Demonstrated strong analytical and investigative skills with regard to complex issues.
- Knowledge of security, IT process and control frameworks such as NIST, COBIT, ISO 27002, ITIL,
- Excellent business writing and communication skills, with great attention to detail
- Ability to aggregate and analyze quantitative and qualitative data.
- Ability to build a strong rapport with business teams and build consensus.
- Ability to manage multiple competing projects and priorities under time pressure without compromising quality.
- Ability to operate in an entrepreneurial environment – being a self-starter, results-oriented, and highly motivated while being effective in a fast-paced and evolving environment.
- One or more of the following would be considered an asset:
- College Diploma in Risk Management and/or Computer Science
- Undergraduate Degree or Postgraduate in Computer Science, Computer Engineering or a similar field
- Accreditations such as CISA, CRISC, CISSP, CISM
Role profile description:
RCS and KRI/KPI
- Educate and support technology and security leaders with the implementation of the newly developed requirements of risk indicators (KRI).
- Assist in preparing reports to highlight risks and impacts for executive reporting & proactively share with Regulators, Line 2, and Internal Audit
- Review “Return To Green” plan, facilitate discussions, and track regular implementation. Challenge and escalate, where necessary.
- Develop new KRIs/KPIs, review with technology leaders and 2nd line and lead efforts in their implementation.
Risk Assessment, Remediation and Reporting
- Facilitate technology risk assessments by implementing established risk assessment methodology.
- Facilitate discussions with risk owners in risk reduction efforts.
- Develop and present risk reports and dashboard.
- Assist in providing a holistic view of technology risk across the I&O organization.
Technology Risk Governance and Culture
- Drive consistency across the organization by establishing and maintaining technology risk management governance, technology risk & controls framework and technology & risk management processes.
- Promote technology risk culture across the organization.
Control Design and Effectiveness Assessment
- Assist in ongoing monitoring of compliance with policies and standards and enforce compliance with policies and standards across all levels of the organization.
- Provide guidance to Technology teams in the design, implementation, and continuous monitoring of controls that reduce a broad spectrum of technology operational risks.
- Support the design, implementation, and testing of technology controls.
- Support the Technology Risk & Control identification process
Risk Reductions and Gaps Remediation
- Track, receives updates and consolidates the remediation progress on all technology issues, audit findings, and policy/standard exceptions across the organization.
- Build and maintain a backlog of technology risk remediation work supported by a governance lifecycle and the implementation of management tools supported by technology.
Advise and Support
- Provide subject matter expertise in key technology risk management areas such as information security, operations, IT Resiliency, and technology delivery.
- Support Line 2 in their review and challenge of 1st line risk processes
- Support audit activities including ITGC testing.
- Support control testing activities including coordination of SOC2 and ISO 27001 compliance testing.
- Support the risk reviews of key initiatives and projects.
- Support the review and challenge of exceptions to enterprise policies and standards.
- Maintain SharePoint site with updated data and reports about controls, testing results, KRI data, audit findings and other relevant data.
The pay range that the employer reasonably expects to pay for this position is between CA$70.00 and CA$90.00
Our voluntary benefits offering includes medical, dental, vision and retirement benefits.
Applications will be accepted on an ongoing basis.
Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.
Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.
Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!
Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.
Open ears. Open minds. Open futures