Specialist, Risk Reporting - Toronto, Canada - TD Bank

TD Bank

Verified Company

Toronto, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

398215BR

Risk Management

Toronto, ON

February 2, 2023

Company Overview

Department Overview

The independent Operational Risk Management (ORM) team works in partnership with the business units and corporate groups of TD Bank Group to further the understanding and management of operational risk across the enterprise.

Job Description:

The ORM E-Tech Technology Risk Governance Specialist will partner with the first line of defense to oversee and challenge the execution of risk management activities and leading practices/technologies used to keep up with the constantly evolving cyber threat landscape.

Reporting to the Senior Manager, ORM E-Tech Risk Reporting, this role will work cross-functionally with the 1st line and other risk groups and will have the following accountabilities:

Support delivery of 2nd line challenge / oversight activities required to execute on the ORM Framework, including but not limited to:
Support 1LOD Reporting oversight through submission to relevant risk committees monthly post review with Senior Leadership
Manage planning and execute work to deliver all reporting deliverables timely, accurately and efficiently
Ensures strong governance and effective controls across risk reporting activities in accordance with the enterprise standards and guidelines.
Manage the reporting oversight of Business Segment Technology Risk packages by 1LOD and ensuring timely submission and participation in Technology Risk Councils (TRCs)
Maintain and govern a centralized repository of all reporting deliverables and oversight documentation
Maintain a strong culture of effective 2A risk management and control, supported by effective processes in alignment with risk appetite
Support the delivery of other Technology Risk Reporting to relevant risk committees of the bank
Support and deliver tasks related to risk reporting driven from specialized projects, regulatory oversight, audit queries or senior leadership requests
Maintain effective relationships across lines of defense and risk partners to influence quick action and decision making
Demonstrate leadership and effective decision making in a fastpaced environment.
Review and Challenge KRI inventory and coverage
Support Annual Updates to the Enterprise Technology and Cyber Risk Appetite measures (RAS)
Provide expertise in designing effective and riskbased challenge approach
Support efficiency initiatives as necessary
Support ORM ETech challenge activities of technology risk identification, assessment, reporting and monitoring on a riskbased approach in areas such as:
Technology risk assessment results of significant technology projects or business projects with significant technology components
Special initiatives on emerging risk or regulatory/industry requirements, and
Enterprise Cybersecurity and technology operational processes
Participate and provide risk intelligent inputs at relevant Risk Forums and councils.
Interface with ORM ETech executives and senior management, preparing materials for socialization and providing guidance and advice related to regulatory activities, reporting opinion and for facilitating awareness and mitigation of potential areas of risk
Develop, implement, and operationalize the Stakeholder Engagement Model related to Technology Risk Governance
Supports responses to various regulatory requests and audits

Requirements:

Demonstrated ability to own and lead, providing leadership and direction by setting context, defining requirements and accountabilities, tasks and assignments across stakeholder's risk assessments and related challenge activities
Strong collaboration and communications (oral and written) skills, and demonstrated ability to digest complex information and summarize in a clear, concise fashion (for executivelevel consumption) with excellent documentation and presentation creation ability
Indepth knowledge of technology and cyber risk and related risk management frameworks, processes, and tools
Keep abreast of emerging risks and technologies
Good understanding of regulatory and control requirements such as FFIEC, ISO 2700x, and NIST standards
Maintain a culture of risk management and control, supported by effective processes in alignment with risk appetite
Energetic, enthusiastic, proactive selfstarter willing to "roll up the sleeves" to deliver results in the shortterm while building for the longterm; agile, adaptable, 'cando' attitude, high degree of responsiveness and initiative
Financial industry experience preferred
Ability to operate effectively in a matrix environment
Works independently and regularly handles non routine situations

Education & Accreditation