-
Security Governance Risk Advisor
2 days ago
Sun Life Toronto, Canada Temps pleinDescription · de poste: What will you do? · Provide support to Sun Life Business Groups by conducting security risk assessments, ensuring alignment with security policies and directives with a specific focus on implementation of controls in applications and infrastructure serv ...
-
Manager, Governance Risk
1 week ago
SkipTheDishes Toronto, CanadaLocation: Toronto or Winnipeg (Hybrid) · Attention-to-detail: high. Thought process: analytical. Intended result: a prosperous future — for you and Skip. As part of the Skip Finance team, you will work alongside business and technology leaders in a first line of defense capacity ...
-
Associate - Governance and Risk Reporting
23 hours ago
Royal Bank of Canada Toronto, Canada**Job Summary** · Develops and implements global risk management reports, systems, and processes to minimize investments risks. Applies experience and seasoned knowledge, skills, and practices to perform a variety of assignments. · **What is the Opportunity?** · This role is part ...
-
Manager, IT Governance, Risk and Controls
5 days ago
Questrade Financial Group Toronto, CanadaQuestrade Financial Group (QFG) of Companies is committed to helping Canadians become much more financially successful and secure. We are everything a traditional financial institution is not. Our vision is to revolutionize financial services for the benefit of Canadians by provi ...
-
Governance, Compliance and Risk Specialist
6 days ago
Re-Solved Toronto, Canada**Canada (Remote)**: · **About reSolved**: · **We partner with organizations that do good, so they can be better. Because we believe there is always a better way**. Our clients have a clear purpose and vision. They are the leaders, innovators, allies, and dynamos solving society' ...
-
Werkstudent Governance Risk
3 days ago
KPMG-Netherlands Toronto, CanadaWerkstudent Governance Risk & Compliance Services · Bij Internal Audit & Risk Management analyseer je wat er binnen een organisatie speelt door operationele processen in kaart te brengen. Help jij ze met risico's vaststellen? Startdatum 1 september 2024, overige startdatums in ov ...
-
BMO Financial Group Toronto, Canada250 Yonge Street Toronto Ontario,M5B 2L7 · As Governance, Risk and Compliance specialist, you will support the Cyber Security Center of Excellence in the effective implementation, maintenance and administration of first line of defense (1st LOD) programs (e.g., operational risk, ...
-
Genesys Ontario, CanadaBuild something new with a world-class team. · At Genesys, we allow our employees to make their mark by entrusting them to make decisions and do what they've been hired to do: their very best. Your potential is waiting; why are you? · The Information Security Governance, Risk & C ...
-
Avp, Security Governance and Risk Management
23 hours ago
Sun Life Toronto, CanadaYou are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspir ...
-
Jr. Analyst, Security Governance, Risk
5 days ago
Aecon Group Toronto, Canada**Build Your Career at Aecon** · Aecon is proud to build some of the most impactful infrastructure projects of this generation. From the roads and transit systems that connect our communities, to the communication networks that link us from coast-to-coast, and the water infrastru ...
-
Senior Consultant, Risk and Governance
2 days ago
CIBC Toronto, Canada Temps pleinNous bâtissons une banque axée sur les relations pour un monde moderne. Nous recrutons des professionnels talentueux et passionnés qui ont à cœur de faire ce qu'il faut pour nos clients. · À la Banque CIBC, nous misons sur vos forces et vos ambitions pour vous donner le pouvoir ...
-
TD Bank Toronto, Canada**AVP - eGRC Technology (Enterprise Governance, Risk & Control)**: · BR · **Job Category - Primary** · - Technology Solutions · **Work Location** · - TD Centre - TD Tower - 66 Wellington Street West · **Employment Type** · - Regular · **City** · - Toronto · **Time Type** · - Full ...
-
TD Bank Toronto, Canada417982BR · Technology Solutions · Toronto, ON · August 28, 2023 · Hours · 37.5 · Workplace Model · Hybrid · Pay Details · Department Overview · The eGRC Technology Team at TD is accountable for the enterprise vision, strategy, and standards for Enterprise Governance, Risk and Con ...
-
IT Risk and Governance Specialist
5 days ago
Allstate Canada Markham, Canada**Who is Allstate**: · Allstate Insurance Company of Canada is a leading home and auto insurer focused on providing its customers prevention and protection products and services for every stage of life. The company is proud to have been named a Best Employer in Canada for nine co ...
-
Governance, Risk and Compliance
6 days ago
CAPCO Toronto, CanadaGovernance, Risk and Compliance (GRC) Technology Solutions Consultant (Hybrid - Toronto) · at Capco Canada - Toronto Capco – The Future. Now. · Capco is a distinctly and positively different place to work. Much more than consultants, we are active participants in the global f ...
-
Senior Manager Governance, Risk
7 hours ago
Canadian National Railway Toronto, CanadaAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automa ...
-
Associate - Governance and Risk Reporting
2 days ago
Royal Bank of Canada> Toronto, Canada Full timeJob Summary · Develops and implements global risk management reports, systems, and processes to minimize investments risks. Applies experience and seasoned knowledge, skills, and practices to perform a variety of assignments.Job Description · What is the Opportunity? · This role ...
-
Security Governance Risk Advisor
2 days ago
Sun Life Toronto, Canada Full timeJob Description · : What will you do? · Provide support to Sun Life Business Groups by conducting security risk assessments, ensuring alignment with security policies and directives with a specific focus on implementation of controls in applications and infrastructure services. ...
-
Associate - Governance and Risk Reporting
5 days ago
0000050072 RBC - USA Toronto, Canada Full timeJob Description · What is the Opportunity? This role is part of Group Risk Management – U.S. Governance & Risk Reporting team and is responsible for supporting RBC's Combined US Operations (CUSO) Risk Management Committee, chaired by the U.S. Chief Risk Officer. The Associate wi ...
-
Senior Manager Governance, Risk
2 weeks ago
CN Rail Toronto, Canada OTHERAt CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automa ...
Senior Manager Governance, Risk - Toronto, Canada - CN
Description
Job SummaryThe purpose of this role is to establish and maintain an industry leading Governance, Risk & Compliance (GRC) practice, develop & mentor a team, and develop policies, standards, risk registries and metrics to comply with business and regulatory requirements and build resilience in people, systems and data to enable CN to reach strategic goals and objectives in the face of evolving cyber threats.
Main Responsibilities
Leading Others
·Partner with HR to maintain and bring new talent to the organization by determining which skills and roles will be required in the future, supporting, and demonstrating diversity and inclusion, and by making thoughtful hiring decisions
·Provide a positive and welcoming onboarding experience to all new employees by ensuring they have access to the tools and resources needed to fulfill the requirements of their job
·Recognize employee milestones (service awards, retirements, etc.) as well as significant contributions and enhanced responsibilities
·Focus on communications and foster collaboration by regularly providing updates to teams about ongoing initiatives and encouraging teams to work together to accomplish common goals and learning
·Manage employee performance to enable potential and ensure employees not meeting expectations are identified and supported through the performance improvement process
·Create and enable a positive and engaging work environment by ensuring individual strengths are uncovered and leveraged through frequent and focused conversations - collaborate, coach, and build connections with employees
·Participate in succession planning by contributing to the yearly talent review cycle and identifying employees with the potential to move up the management and expertise paths
·Support employee development by having regular career conversations with all employees (documented and tracked) and supporting them in reaching their career goals
·Ensure knowledge is preserved through cross-training for key skill sets in the team (knowledge transfer)
Governance, Risk & Compliance (GRC) Practice Development
·Direct and put in place the proper GRC organizational structure and practices to track and manage information and cyber risk for both IT and OT (Operational Technologies) environments and ensure compliance while enabling the business for digital transformation. Incorporating behavioral change as a key risk management strategy with security awareness training and testing.
·Ensure the GRC processes are sustainable and properly documented
·Maintain and build relevant, current, valid and reliable team knowledge related to governance, risk and compliance programs and practices.
·Advance team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members
·Ensure the full documentation and timely updates of policies, standards, guidelines, risks, exceptions, management action plans, and GRC processes through clear diagrams and well-written documents
GRC Continuous Improvement
·Collaborate with the CISO, cybersecurity team, portfolio managers, architects, business and I&T leadership to understand the business direction and consequent impact on the security posture and risk appetite
·Monitor threat intelligence sources, Security Operations Center (SOC) reports, vulnerability management reports, internal audit reports, regulatory changes, industry reporting and business impact analysis to accurately identify and articulate the risk priorities and implement appropriate controls to maintain an appropriate security posture
·Engage the cybersecurity vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners
·Continuously monitor and evaluate the environment, including third party risk and subsidiaries, through self-assessments and independent security reviews as well as metrics against the framework. Identify deficiencies and inefficiencies and initiate improvement actions though engaging leadership and architecture.
Working Conditions
Occasional business travel (Canada and US) in accordance with CN policy
Requirements
Experience
·Minimum 15 years overall work experience in audit, IT sales, or IT delivery
·Minimum 10 years experience in IT audit or IT governance, risk and compliance
·Minimum 5 years experience in managing IT governance, risk and compliance
·Railroad, transportation, or Global industrial experience is a significant plus (asset)
Education/Certification/Designation
·Bachelor's degree in Computer Science, Business Administration, System Analysis or other relevant field (or) an additional 5 years of relevant experience.
·At least one recognized cybersecurity certification appropriate for GRC: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified in Risk and Information Systems Control (CRISC), etc.
Competencies
·Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological or process solutions that provide practical risk mitigation and business enablement
·Significant experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations
·Proven collaborative leadership and teamwork aligning to strategic business objectives
·Excellent written and verbal English communication skills with French highly desirable, able to interact with a broad cross-section of personnel to explain risks and enforce security measures
·Detail-oriented self-starter with a high level of commitment and personal motivation
·Knack for prioritizing tasks and working in a fast-paced, Agile environment
Technical Skills/Knowledge
·Knowledge and practical experience applying standards, frameworks, regulations, and legislation governing information security and privacy, NIST, ISO 27001, COBIT, SOX, PIPEDA
·Knowledge and general understanding of IT and OT security controls and control models.
·Knowledge of data classification, security policies and standards, strategic threat intelligence, threat modeling, vulnerability management, risk assessments, third party risk programs, risk management techniques, risk registries, regulatory compliance, security awareness training and testing, security metrics, security enforcement, and other relevant GRC areas of practice.
This position is posted as a grade LEVEL 5. For internal candidates, note that the grade level of the position may adjust based on the employee's experience.