Manager, Technology Risk Management
Toronto
Equitable Bank
At Equitable Bank, we specialize in providing branchless financial services that meet the unique needs of all Canadians. Our range of mortgages, savings accounts and investment options are designed to offer the right solutions to match any...
Purpose of Job
The Manager, Technology Risk Management supports the development and ongoing execution of a strong technology risk management program across Equitable Bank and provides independent oversight and effective challenge (as the second line of defense) to ensure the Bank operates within its established technology risk appetite.
The Manager, Technology Risk Management supports the development and ongoing execution of a strong technology risk management program across Equitable Bank and provides independent oversight and effective challenge (as the second line of defense) to ensure the Bank operates within its established technology risk appetite.
Main Activities:
- The Manager, Technology Risk Management role is being created to strengthen and advance the Bank’s technology risk practices, aligned with regulatory expectations including OSFI’s B-13, CSSA and E-21 guidelines. This role will also play a key part in integrated risk management by fostering alignment across related domains such as operational resiliency, business continuity, change management and third-party risk.
- Lead and support the execution of risk identification and assessment processes such as Risk and Control Self-Assessments (RCSA) and New Initiative Risk Assessments (NIRA) across technology, cybersecurity, and data domains.
- Support the identification and management of emerging risk areas, including Artificial Intelligence (AI), ensuring associated risks are evaluated and addressed through appropriate governance mechanisms.
- Monitor technology risk exposures and perform investigations related to technology and cyber events; support root-cause analysis and track mitigation progress using the Governance, Risk, and Compliance (GRC) tool (Resolver).
- Review and challenge Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) to validate accuracy, relevance, and emerging trends.
- Lead the Bank’s control testing program to assess the design and operating effectiveness of key controls in technology and cyber environments.
- Support the identification and oversight of AI and data risk, and provide critical challenge to ensure alignment with regulatory expectations and evolving industry best practices.
- Manage and document risk acceptances, ensuring appropriate approvals are in place, residual risks are well understood and documented.
- Support the continuous enhancement and implementation of technology-related policies, standards, and procedures.
- Collaborate with cross-functional stakeholders to support regulatory compliance efforts, including OSFI’s B-13, CSSA, and E-21 guidelines.
- Act as a key point of contact during internal audits, regulatory assessments, and other independent reviews related to technology and cyber risk.
- Provide risk oversight of third-party technology service providers and material arrangements, and support reviews and assessments in collaboration with relevant stakeholders.
- Support activities related to Business Continuity Management (BCM) and Disaster Recovery (DR) programs, as required.
Technology Risk Identification & Assessment
Control Testing & Risk Acceptance
Governance & Oversight
Third-Party & Business Continuity Management
Knowledge/Skill Requirements:
- Undergraduate degree in technology, finance, economics, business administration or commerce.
- 5-8 years of experience in an information technology risk oversight role in a financial institution. Experience in a Technology Audit and Cloud Governance would be considered an asset.
- Technology Risk Management certifications such as CRISC, CISSP, CISM, CCSP or CISA would be considered an asset.
- Strong understanding of risk management, compliance matters, and corporate governance.
- Strong analytical and quantitative skills and problem-solving abilities. Strong attention to detail.
- Strong written and verbal communication skills coupled with meeting facilitation abilities and good presentation skills.
- Good organizational, project and time management skills to efficiently and independently deliver concurrent projects with competing priorities.
- Experienced in audit or sampling techniques and regulatory/legal requirements of financial institutions
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: Artificial Intelligence Audits CCSP CISA CISM CISSP Cloud Compliance CRISC CSSA Finance Governance KPIs Risk assessment Risk management
Region:
North America
Country:
Canada
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsSenior Cybersecurity Engineer jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSystems Administrator jobsIT Security Analyst jobsCyber Security Specialist jobsSenior Information Security Analyst jobsInformation Security Manager jobsSenior Network Security Engineer jobsSecurity Consultant jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobsInformation Systems Security Engineer jobsChief Information Security Officer jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsSenior IT Auditor jobsCyber Threat Intelligence Analyst jobsCybersecurity Specialist jobsSecurity Operations Analyst jobsSenior Software Engineer jobsNetwork Engineer jobs
Java jobsTS/SCI jobsSecurity assessment jobsEDR jobsEncryption jobsSplunk jobsSDLC jobsThreat detection jobsMalware jobsFinance jobsIDS jobsTerraform jobsRMF jobsIPS jobsTop Secret jobsForensics jobsSQL jobsSOC 2 jobsCompTIA jobsDocker jobsActive Directory jobsOWASP jobsClearance Required jobsITIL jobsIntrusion detection jobs