Manager, Technology Risk - Toronto, Canada - Tangerine

Tangerine

Verified Company

Toronto, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Requisition ID: 191942

Tangerine is Canada's leading direct bank. We offer flexible and accessible banking options, innovative products, and award-winning Client service. The reason why Tangerine employees come to work each day is to help Canadians live better lives. We focus on making a difference in our communities, and that includes our own internal community. It's important to us that our employees feel empowered and enthusiastic about belonging to our Orange culture.

As Canada's leading digital bank, Tangerine technology is at the heart of everything we do.

We have redefined what digital banking is, and we continue to evolve to tackle any opportunity and face every challenge through progressive technology and the power of collaboration.

Do you like new challenges? Are you ready to reach new heights in your career and become part of an established disruptor? If so, come join us and help redefine the Canadian banking landscape

What you will be doing:

Tangerine IT Risk Management team plays an important role in the Bank's Three Lines of Defense Framework, providing First Line of Defense for Tangerine and the Bank for all technology risk domains, including Cyber Security, Data Privacy, Software Currency, Disaster and Backup Recovery, Third Party Management, and Audit and Regulatory issue remediation.

There are many exciting opportunities to grow in the areas of risk management, business technology development and work with many cross-functional teams within the Bank

Reporting to the Director of IT Risk Management, the Manager, IT Risk is a key contributor for the development and execution of an enterprise IT Risk Management Program.

Is this role right for you? In this role, you will:
The role of Manager, IT Risk is focused on three key functions:

IT Risk Governance

Maintain the compliance oversight of Scotiabank's security and risk management framework, policies and standards for managing risks to its information assets and systems.
Identify, assess, prioritize and report on material IT risks and aligned business areas. This will require working with various Risk owners / ambassadors and other control function groups.
Liaise with Scotiabank counterparts to identify evolving requirements.
Monitor evolving industry best practices, regulatory and legislative requirements;
Provide 1st Line of Defence functions with ongoing guidance to support the implementation of, and compliance to established IT and security requirements.
Conduct risk assessments and ensure that assessments and outputs are recorded in enterprise tools; support IT risk control testing and monitoring and help Risk Owners with remediation plan.
Perform various types of data analysis work and prepare monthly / quarterly reporting.

IT Risk Advisory

Provide direction to Tangerine's functional teams to build their capability to identify, assess, mitigate and monitor risks associated with their use of information and IT systems.
Oversee IT / security risks and controls associated with GCP Cloud and IT Operations. Conduct control testing, where require, offer direction for the assessment, treatment and monitoring of risks, and inclusion of appropriate contractual security terms and conditions.
Analyze and respond to risk assessment requests assigned to IT Risk Team.
Lead advocacy and build positive culture for the management of IT and security risks. Deliver ongoing counsel to risk owners to create IT risk awareness and acumen; communicating the business value of security and IT risk management practices.

IT Risk Reporting & Compliance Monitoring

Take ownership if KPI and drive compliance below the risk appetite.
Establish monthly reporting of KPI dashboard. Coordinate reporting with BNS analytics team.
Maintain Tangerine's IT KPIs and KRIs within risk appetite for the IT domains assigned.
Lead engagement with Tangerine's 2nd and 3rd Line of Defense function to influence the focus, scope and criteria for the testing of the Bank's IT risk capabilities.
Ongoing monitor and track issues raised by Internal Audit, assist risk owners to ensure remediation is completed within predefined timelines and risk is addressed appropriately

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

College or University degree, or equivalent experience.
5+ years' experience in a technology operations, risk management, cyber security, audit or corporate governance role.
Good working knowledge of risk management (governance, operations, audit, control functions, compliance, and risk management) and Tangerine Banking business and processes.
General knowledge in regulatory, legislative and industry requirements governing the management of technology systems and information (PIPIEDA, OSFI, PCI-DSS, NIST, etc.).
Strong communication and collaboration skills, supported by welldeveloped logical and analytical competencies.