Specialist, Technology Risk - Ottawa, Canada - CMHC

CMHC

Verified Company

Ottawa, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Job Requisition ID: 9388

Position Status:
Permanent Full Time

Position Type:
Hybrid

Office Location:
Ottawa (ON); Montreal (QC); Toronto (ON)

Travel Requirement:
Limited

Language Designation:
English Essential

Language Skill Levels (Read/Write/Speak): ZZZ

Salary:
Our salaries generally range from $ to $ and are based on qualifications and experience.

About CMHC

At CMHC, the work you do and the work we do together matters.

We come to work every day with a common purpose:

to realize a future where everyone in Canada has a home that they can afford and meets their needs.

Our people are second to none.

We lean in with courage, band together as a community and try new things to make a lasting impact on housing from coast to coast to coast.

Join us and be part of a team that's committed to making a real difference and be part of something meaningful.

What's in it for you

We've got the purpose, the people and the perks you need for a fulfilling career.

Here's what you get when you're a permanent employee:

5 weeks of vacation
Annual individual performance bonus
Defined benefit pension plan
Comprehensive group insurance plan to support your wellbeing from day one
Support in your personal and professional growth with training, mentorship and more because when you thrive, we thrive
An inclusive workplace culture and environment with Employee Resource Groups and more
A hybrid work model that lets you balance working from home and nurturing inperson connections by coming into your region's office at a minimum of 4 times a month.

About the role

Join the Business Transformation sector, where our partners view CMHC as the catalyst for solving housing affordability challenges.

What you'll do:

Managing implementation and operation of information technology general controls in the production environment including control planning, design, implementation, reporting and completion of related change activities within established timeframes.
Responsible for ensuring operational compliance with regulatory guidelines and related controls in the domains of: Change and Release Management, Patch Management, Incident Management, Problem Management, Technology Service Measurement and Monitoring, and Disaster Recovery.
Monitoring day to day operational compliance by IT service providers of established IT directives, procedures, standards, and frameworks to support effective operation of information technology general controls.
Driving risk and issue mitigation activities forward through engagement in established working groups, information technology governance committees, and relevant stakeholders, including communicating with senior management as needed, to ensure any potential concerns are addressed in a timely and effective manner.
Responsible for measurement of established key risk indicators, including developing and facilitating execution of mitigating actions, when risk appetite thresholds are exceeded.
Building positive relationships and partnerships with internal and external partners, service providers, oversight groups and audit entities, collaborating and sharing intelligence to enhance operational practices.

What you should have:

Bachelor's degree preferably in Computer Science, Management Information Systems, Finance, Business Administration, Commerce, or in a related field.
Minimum five (5) years of increasing responsibilities and relevant work experience in Risk and/or Audit, including remediation plan implementation. An equivalent combination of related education and work experience may be considered.
Demonstrated experience in assessing and reviewing governance, work processes, controls and/or risk management.
Demonstrated work experience and skills in providing strategic risk advice, recommendations, guidance, and services to senior management on highly complex operational risks and issues through presentations, reports, and briefings.
Experience and/or knowledge within one or more of the following risk domains: Audit management, Risk management, Compliance management, Cybersecurity; Cloud technologies; Business continuity management and disaster recovery; Data governance and information management; and Vendor management.
Knowledge of operational risk management frameworks, vendor risk management, operational policy development and knowledge of internal control concepts and frameworks.
Strong relationship building skills to coordinate with related operations to effectively plan and collaborate on audits and implement findings.
Strong oral and written communication skills, including the ability to deliver professional advice or direction or present opinions and recommendations to a variety of audiences (technical and nontechnical).

It would also be great if you also had: