Risk Manager, Data - Toronto, Canada - TD Bank

TD Bank

Verified Company

Toronto, Canada

1 week ago

Posted by:

Sophia Lee

beBee Recruiter

Description

402569BR

Corporate Development / Strategy / Design

Toronto, ON

March 10, 2023

Company Overview

Department Overview

The independent Operational Risk Management (ORM) team works in partnership with the business units and corporate groups of TD Bank Group to further the understanding and management of operational risk across the enterprise.

Job Description:

Reporting to the AVP, ORM - Enterprise Data & Technology Risk Management (EDTRM) and working closely under the supervision of Sr.

Manager Application Security Risk, this role will have the following accountabilities:

Application Security direction, advice and guidance to the EDTRM team.
Participate and contribute in the execution of ORM Application and API Security challenge activities.
Effectively communicate risk management practices and methodologies and results of risk assessments to other specialists and managers in a supportive and collaborative manner and influence riskbased decisions and remediation activities.
Conduct planned independent challenge and assessments of Technology for risk identification, assessment, reporting and monitoring based on a riskbased methodology in areas such as:
Application Security processes.
Technology risk assessments.
Cloud computing and cloud service provider risk assessments.
Third party risk assessments.
Cybersecurity/ Data breach incidents.
Manage 2nd line Application Security challenge activities required to support the ORM Framework
Be a positive team player to consistently maintain high levels of integrity, motivation and morale.
Position will deal with executives and Sr. management in Technology & Cybersecurity areas and risk professionals across the enterprise.
This is a seasoned Cybersecurity risk and technology leader with 5+ years of experience in Application Security, cybersecurity technology, and risk management

Requirements:

Organizationally astute, with superior influencing, collaboration and communication skills. Ability to digest and summarize complex technical scenarios and to communicate those effectively to various audiences.
Experience assessing risk and challenging the status quo
In order to provide effective oversight and independent challenge the role requires the incumbent to have a good understanding of the following areas:
Risk management frameworks and methodologies;
Data Governance & Cybersecurity frameworks, Privacy, operations, processes, controls and tools;
Application Security Program and capabilities;
Technology operations and processes;
Third party risk management;
Regulatory requirements.
Experience in the Data Protection, Application Security, Privacy, Cybersecurity, Technology Solutions, Risk Management, or Internal Audit field.
Deep understanding of Regulatory and Controls requirements: Privacy legislation, GDPR, PCI, FFIEC, SOX, HIPAA, ISO 2700x, and NIST. Standards.
Strong analytical skills, including segment risk analysis, data analysis, and comparative analysis. Ability to identify root causes on risk exposures and to correlate multiple risk exposures to assess aggregated risks and enterprise compensating controls.
Proven ability to work independently and promote a positive, high performing work environment. Expertise in working effectively in teams requires a track record of knowledge across the organization.
Strong business and financial acumen.

Education & Accreditation

Undergraduate degree in Computer Science/ Computer Engineering/ Risk Management is an asset.
Accreditation such as CISSP, CISM, CRISC, CISA and/or similar is preferred.

Hours

37.5

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported.

We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve.

If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.