It Risk And Governance Specialist Jobs

Deep understanding of regulatory requirements and control frameworks (NIST) in the area of Identity and Access Management

Consult business and application teams on Identity and Access management norms and standards

Establishes / develops guidelines and controls together with the global ITRS Identity and Access Management team

Manages the life cycle of SoD rules including training and communication campaigns

Financial services industry and IT audit experience is strongly favoured

Applicable Risk or Security-based certifications

Extensive knowledge of governance, risk management, and compliance best practices, methodologies, and applicable laws and regulations.

Excellent leadership and team management skills, with proven ability to work effectively at all levels of the organization.

Ensure and maintain a comprehensive risk management framework, including risk identification, measurement, mitigation, and monitoring strategies.

Collaborate with cross-functional teams to enhance risk management practices and ensure risk awareness is continually embedded throughout the organization.

Policy Development and Management: Elevate, manage, and maintain comprehensive GRC policies and procedures.

Minimum 5 years of experience in a similar role in a tech company, preferably in a publicly traded company.

Extensive knowledge of governance, risk management, and compliance best practices, methodologies, and applicable laws and regulations.

Excellent leadership and team management skills, with proven ability to work effectively at all levels of the organization.

Ensure and maintain a comprehensive risk management framework, including risk identification, measurement, mitigation, and monitoring strategies.

Collaborate with cross-functional teams to enhance risk management practices and ensure risk awareness is continually embedded throughout the organization.

Policy Development and Management: Elevate, manage, and maintain comprehensive GRC policies and procedures.

Minimum 5 years of experience in a similar role in a tech company, preferably in a publicly traded company.

Excellent interpersonal and management skills

Solicit feedbacks from IT staff / management and draft responses to internal / external audit findings.

Supports IT department in continuous process improvements and management of special projects.

Degree/diploma in Information Technology, Business Management, Engineering, or related field.

Competitive benefits plan, including a Defined Benefit pension plan

Experience in IT Governance, Cloud Governance, and Data Governance practice, DevOps environment and digital product delivery.

Utilize simulation and modeling (energy and material balances, utilities and catalysts requirement, effluents and specifications, etc.) of refining and petrochemical units.

Actively participate in a knowledge sharing network.

Excellent communication, presentation, interpersonal, and networking skills.

Provide technical support for capital projects involving petrochemical units at various stages of execution (pre-feasibility, feasibility, basic and detailed engineering).

Lead the carbon lifecycle evaluation process of projects from crude distillation all the way to polymerization.

Identify carbon footprint reduction opportunities between refining and chemicals.

Develops and maintains in-depth knowledge of business and related risk management requirements and legislative/ regulatory directives and guidance.

Coordinates the management of databases; ensures alignment and integration of data in adherence with data governance standards.

Assists with the coordination and management of the review and sign-off of relevant regulatory reporting.

Technical proficiency gained through education and/or business experience.

Broader work or accountabilities may be assigned as needed.

Verbal & written communication skills - In-depth.

Education in/knowledge of one or more of the following areas is an asset: project management, process improvement, business analysis

Superior organizational and time-management skills.

Bachelor's Degree or acceptable combination of equivalent education and experience.

Experience workingclosely with university faculty and administration in an orientation, training, and advising setting and with demonstrated service skills and professionalism.

Experience advising clients on policies, procedures, and deadlines and in use of administrative tools and technology.

Experience in developing and presenting information on business processes to a wide range of audiences.

Develop and maintain the IT risk management framework, policies, and procedures to identify, assess, and manage IT risks throughout the organization

Develop and deliver training programs and awareness campaigns to enhance the organization's IT risk management culture among employees

Report and advise senior management on risk levels and security posture

Strong understanding of identity and access management systems and controls

Competitive compensation and benefits packages

What’s it like working as a Manager, IT Risk & Governance Oversight at Community Trust Company?

Minimum of ten (10) years of experience working as an IT Risk and Compliance Management Specialist

Minimum of five (5) years of experience leading an IT Risk and Compliance Management function

Develop and implement the IT Risk and Compliance Management framework, processes and tools

Excellent organizational, interpersonal and written communication skills

Knowledge of security, IT process and control frameworks such as COBIT, ISO 27002, ITIL, TOGAF

Bachelors degree in Computer Engineering, Computer Science, Commerce or an equivalent field

Equipped with strong knowledge and experience managing the development and delivery of IT security standards, best practices, and systems?

Responsible for defining and establishing operational processes for all identity and lifecycle management aspects.

Bachelor's degree from an accredited college/university; also Risk Management credentials such as Certified Risk Manager (RIMS) or ISO 31000, preferred

Knowledge and experience with technology that supports governance, risk controls (GRC) initiatives and processes are desirable.

Manage and implement remediation plans, ensuring observations from Internal Audit, External Audit and/or regulators are assessed and actioned quickly.

Work with business and technology leads to influence and balance controls with functional requirements.

3 - 5 years of experience in vendor/contract management and/or project management in an Information Technology Procurement function is preferred.

Experience working in a global IT Service environment with vendor relationship/portfolio management experience.

In-depth IT operations knowledge; Data center hardware, Software management, Compliance.

Working knowledge of Risk Management standard and frameworks (NIST, ISO, COSO, etc.)

Strong organization and time management skills.

Identify and document all third-party risks in the IT Risk register in alignment with the IT Risk management program

Experience in Engineering/Professional Services industry, managing cross-functional teams or projects, and influencing senior-level management and key stakeholders

Expertise in budget planning, financial management and workforce management

Ability to improve operational efficiency, service delivery and information management across the IT organization

Bachelor's or master's degree in business administration or related field, or equivalent work experience

12 or more years in IT and business/industry, with a minimum of five to seven years of leadership responsibilities

Excellent oral and written communication skills, including the ability to explain technology solutions in business terms

Excellent organizational, interpersonal and time management skills with the ability to multi-task

Constant communication with employees, peers, and management

· Associates Degree or Diploma in Computer Science or equivalent, or Risk Management.

Strong knowledge of general PC computer systems.

Relevant work experience in governance, compliance and/or audit with experience.

Ability to interpret and operationalize regulatory requirements.

Is responsible for assuring CUCM stays in compliance with both regulatory & statutory requirements

2-4 years of related experience

Excellent organizational and planning skills, including the ability to coordinate large volumes of materials and work to concurrent and/or conflicting deadlines

Demonstrated ability to communicate effectively with all levels – directors, managers, external organizations.

Strong analytical, problem-solving, and decision-making skills

is responsible for assuring CUCM stays in compliance with both regulatory & statutory requirements

Good knowledge of operational risk management industry best practices for Capital Markets products

Previous FO, functions and/or Audit or Risk Management experience is an asset

Document and communicate business/technical requirements, manage the pipeline of enhancements, and providing supporting information as required for maintenance;

Strong analytical skill and experience using business analysis and database querying tools

Bachelor’s degree in Computer Science, Business Administration or Finance preferred

Strong presentation, communication (verbal and written), and interpersonal skills

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives

Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

LOCATION: Remote - Canada only (TimeZone: EST | Partial overlap)

Experience developing security analysis documentation and recommended remediation actions

General knowledge of network topologies, security architectures, security solutions, tools, and IT Policies and standards

Experience with interfacing and presenting to C-level executives