
    Senior Analyst – IT Governance, Risk and Compliance - Markham, Canada - Enercare

    Enercare
    Regular, Full time
    Description

    Summary:

    The Senior Analyst – IT Governance, Risk and Compliance (IT GRC) will manage activities within Canada and the US, as part of the IT GRC team, and report directly to the Director, IT GRC. The person will be instrumental in collaborating across IT, business, and internal / external audit teams, especially for the compliance process.

    A great fit for this role is someone with working experience in the field and who has assisted in planning, testing, execution and reporting on IT Governance, Risk and Compliance, especially processes and controls for Sarbanes-Oxley (SOX), Payment Card Industry (PCI) Data Security Standards (DSS) and/or compliance programs.

    Responsibilities:

    IT Governance

  • Responsible for writing or advising on, where required, IT Policies, Standards, Guidelines, Procedures, Plans, Playbooks & Standard Operating Procedures (SOPs), and ensuring alignment to industry standards, best practices, regulatory requirements, the IT enterprise policy framework & management requirements.
  • Ensuring policies are reviewed on schedule & communicated to all relevant parties in compliance with processes; at times this could include reviewing and contributing to non-IT owned policies.
  • Ensure that IT procedures, controls and documentation are sufficient across IT, provide advice on gaps and support or guide teams in filling those gaps.
  • Responsible for performing gap analysis of IT governance and remediating gaps or working with department management to remediate gaps.
  • Supporting the Data Governance program and records information management programs
    IT Risk Management

  • Performing all aspects of an IT risk management program. This includes assessing risk (to industry frameworks and in line with Enterprise risk tolerance and appetite), documenting technical details as well as documenting risk in a way that is easily understood by non-technical people.
  • Reviewing & assessing management responses, ensuring that risks are sufficiently mitigated, and documenting justification and reasoning.
  • Performing risk assessments of vendors that the Company works with and providing advice on any iterative improvements to that process.
  • Facilitating periodic risk review sessions with IT leadership, performing assessments, and ensuring consistent patterns of risk management processes across the Company.
  • Manage the third-party risk management process for external vendors.
    IT Compliance

  • Assist with the IT Compliance programs (e.g., SOX, PCI DSS) including planning, testing, execution, monitoring and reporting of new and existing processes and controls.
  • Participate in annual and ongoing IT Compliance (e.g., SOX) scoping to identify any changes to the systems, applications, and automated controls considered to be in-scope for the current fiscal year.
  • Manage IT Compliance readiness, such as control identification and testing for new systems, applications, and automated controls.
  • Lead IT General Control (ITGC) and, as applicable, application control (ITAC) walkthroughs for new or complex processes and systems.
  • Develop, update and/or review IT process documentation for accuracy, completeness and relevance and update as necessary.
  • Coordinate IT SOX program testing for ITGC, and ITAC (as applicable) with co-sourced internal audit IT team members, external audit IT team members, control owners, managers and executive management.
  • Evaluate IT control deficiencies for impact and perform root cause analysis to determine appropriate management actions.
  • Monitor management's remediation efforts to closure, including review of supporting evidence.
  • Provide regular IT Compliance program status reporting to the IT team, Internal Audit and Senior IT management (as needed)
  • Assisting with benchmarking and other initiatives to improve controls, make processes more efficient, effective, and/or reduce cycle time for IT SOX and PCI DSS compliance.
  • Work closely with cross-functional teams including IT Operations, Accounting/Finance, and Internal/External Audit.
  • Collaborate with internal and external auditors to ensure IT SOX and other compliance program requirements are being met.
  • Ensure new software programs meet compliance requirements before they are made operational.
  • Support and manage detailed testing of controls to ensure risks are appropriately identified, associated audit procedures are applied, and related controls are designed and operating to mitigate the identified risks.
  • Deliver IT GRC training to the IT and Business teams.
  • Build trust and positive working relationships with auditors, business stakeholders, IT teams, and senior management to ensure alignment between IT strategy and business objectives.
  • Collaborating with Project, IT development and operations teams to identify, collect and optimize IT resources to meet business requirements.
    Qualifications:

  • Bachelor's degree or higher, preferably in Information Technology (IT), Information Security, Computer Science or other technical discipline; Finance/Accounting is acceptable.
  • 5+ years of progressive experience in IT Governance, Risk Management, Compliance and/or Audit (e.g., Operations, Financial, IT); Project management experience is desired.
  • Designations and Certifications in one or more of the following areas are preferred: CPA (CA, CMA, CGA), CISA, GRCP, CGRC, CIA.
  • CISSP, GIAC, CGEIT, CRISC, CISM, CDPSE, ISO 27001 are an asset.
  • Demonstrate previous success working with IT GRC programs.
  • Advanced knowledge and experience with SOX, PCI DSS and related industry standards/frameworks is required.
  • Knowledge of CIS, ISO 27001, COBIT, NIST and related industry standards/frameworks is preferred.
  • Possess strong communication and collaboration skills, to provide solutions and explain them in both technical and non-technical terms.
  • Demonstrated ability to deliver projects on time and within budget in a fast-moving environment, and competence in managing several projects.
  • Prior experience in large professional services, consulting, and audit companies, including Big 4 firms, is strongly desired.
  • Experience in supporting compliance with applicable privacy laws is an asset.

    Enercare is an equal opportunity employer. We are committed to equal employment opportunity regardless of race, colour, ancestry, national origin, religion, sex, age, sexual orientation, gender identity, citizenship, marital status, disability, pregnancy, military status, protected veteran status or other characteristics protected by applicable law. Enercare's recruitment process includes accommodation for applicants with disabilities in accordance with applicable provincial accessibility laws and regulations. All accommodations will take into account the applicant's accessibility needs due to disability and are available upon request.


