Manager, It Risk & Governance Oversight

Questrade Financial Group (QFG) of Companies is committed to helping our customers become much more financially successful and secure.

We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.

This is a place where you can explore, discover and learn with continuous growth. As a diverse and inclusive place to work, there are flexible working arrangements so you can unleash your creativity and curiosity with no limits. If you share the same sense of infinite possibility, come shape your future at Questrade.

We’re looking for our next Manager, IT Risk & Governance Oversight. Could it be you?

Community Trust Company (CTC) is a member of the Questrade Group of Companies (QFG), which currently includes Questrade Inc., QuestEnterprise, Questrade Wealth Management Inc., CTC, Think!nsure Ltd., and Zolo Ventures Ltd.

What’s in it for you as an employee of QFG?

• What’s it like working as a Manager, IT Risk & Governance Oversight at Community Trust Company?
• Career growth and development opportunities
• Paid vacation, personal, and sick days for work-life balance
• Competitive compensation and benefits packages
• Opportunities to contribute to community causes
• Hybrid and flexible work arrangements
• Health & wellbeing resources and programs
• Work with diverse team members in an inclusive and collaborative environment

What’s it like working as a Manager, IT Risk & Governance Oversight at Community Trust Company?

The Manager, IT Risk & Governance Oversight will report to a CTC Senior Manager and play a key role in monitoring the management of IT and Cyber related risks.

The responsibilities include working with the fully outsourced IT/Cyber teams at the parent group, Questrade Financial Group (QFG), teams across the three lines of defence, and other stakeholders to design, implement and maintain an IT Risk Management Framework and associated processes that are aligned with CTC’s Enterprise Risk Management Framework and enterprise goals, and are conducive to the IT services management arrangements in place. The incumbent will assess IT controls, provide effective challenges to the first line activities, report regularly on quality performance and provide recommendations to enhance the overall security and resilience of the company's IT & Cyber Security posture.

While the successful candidate will operate as part of the Risk Management team, they will be the subject matter expert on all IT topics within the department and have to collaborate with external departments on a regular basis.

Need more details? Keep reading...

In this role, responsibilities include but are not limited to:

• Monitor and review IT risk indicators, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), to identify emerging risks and provide timely challenge to the first line and reporting to senior management
• Develop and deliver training programs and awareness campaigns to enhance the organization's IT risk management culture among employees
• Collaborate with other risk teams to provide IT risk evaluation and management support in their respective processes, such as due diligence process while onboarding a vendor etc.
• Conduct periodic risk assessments and gap analyses to identify areas of IT risk exposure, such as cybersecurity threats, data breaches, system vulnerabilities, and compliance issues
• Collaborate with cross-functional teams to assess and evaluate IT controls, identify potential vulnerabilities, and recommend appropriate risk mitigation measures
• Stay up-to-date with industry best practices, regulatory requirements, and emerging trends in IT risk management to ensure the organization's risk mitigation strategies are effective and in line with industry standards
• Build and maintain effective relationships with key stakeholders, including IT teams, first and second line business units, and external partners, to promote a collaborative approach to IT risk management
• Monitor, challenge and communicate key cybersecurity metrics
• Apply expert knowledge of industry trends and quality assurance to help Community Trust improve its processes and efficiency of IT related oversight controls
• Collect, analyze and aggregate IT performance and risk metrics for reporting and internal control validation and attestation
• Report and advise senior management on risk levels and security posture
• Collaborate with internal audit and other teams to support IT audits and regulatory findings, and regulatory compliance assessments, providing expertise on IT risk-related matters
• Develop and maintain the IT risk management framework, policies, and procedures to identify, assess, and manage IT risks throughout the organization
• Review, report and provide effective challenges to the status and performance of IT services and first line reporting
• Develop dashboards and other visualizations to present IT risk in various aspects of the business
• Assist in incident response and investigation activities related to IT risk incidents, ensuring appropriate actions are taken to prevent reoccurrence

So are YOU our next Manager, IT Risk & Governance Oversight? You are if…

• Proficient in data protection controls
• Minimum 5 years of experience in a similar role, preferably within the financial services industry
• Strong understanding of identity and access management systems and controls
• Understanding of applicable Canadian regulations
• A university/college degree in information technology, information security or related fields
• Experience in conducting maturity assessments, control assessments and control testing
• Understanding of a broad set of industry best practices (COBIT, ITIL, NIST, ISO)
• Good written, oral and interpersonal communication skills and keen attention to detail
• Experience in working with an OSFI regulated entity
• Experience in a Quality Assurance leadership role
• Holds industry recognized certifications such as CRISC, CISA, CISM, CISSP, ISO 27K, or actively working towards them
• Experience and a good understanding of regulations related to card payments, such as PCI-DSS (good to have)

At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. This is an environment where individuals are treated with dignity and respect. Here, the unique skills and experience you bring will be valued. You will be supported and motivated, so that you can harness your unlimited potential. Our team reflects the diversity of the communities we serve and operate in. Having a collaborative and diverse team helps us push boundaries to bring the future of fintech into existence—not only for the benefit of our customers, but for those who build their career with us.

Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs.

Apply Now