Director, Cyber & Technology Risk

What you’ll do

Reporting to the AVP Enterprise Risk Management (ERM) at Canadian Tire Bank, you'll working closely with key stakeholders across Enterprise Risk Management, Cybersecurity, IT, Privacy and other key Business Units.  The Director, Cyber & Technology Risk, provides a layer of independent oversight, challenge and cyber risk advisory services through targeted independent assessments of current cyber security practices, roadmaps, strategies and regulatory requirements across the Bank.

• Evaluate existing and future cyber technologies within the CTB environment to ensure the correct technologies are deployed to effectively mitigate cyber risks to an adequate level
• Work closely with first-line teams to challenge and validate risk controls, ensuring alignment with business objectives, published cybersecurity and regulatory requirements
• Oversee, review and challenge of ongoing cyber risk management activities inclusive of policy, operating directive and standards development, TPRM and Operational Resiliency programs
• Maintain the process for developing and managing Cyber Risk governance and management activities
• Act as a liaison between cyber and technology risk functions in the first line such as IT, cybersecurity, business, Enterprise Risk and Internal Audit functions
• Measure the cyber program against defined risk appetite and tolerance limits based on business needs and informed by regulatory compliance, industry standards, frameworks and technical capabilities
• Facilitate the identification and influence the remediation of cyber risk initiatives through effective KPI management leveraging metrics and stakeholders as required
• Refine and enhance cyber risk metrics oversight and reporting and impacts to CTB’s risk profile
• Partner with cybersecurity, IT, and business stakeholders to assess the effectiveness of current operational resilience, business continuity planning and disaster recovery, providing recommendations and influencing as required
• Produce and support the production of key cyber and technology risk reporting for the board, executive leadership and management
• Oversee, review and challenge the implementation of an AI risk management framework to ensure the safe and ethical use of AI technologies
• Complete cyber-scenario and external event assessments that assesses cyber and technology events to provide insights to senior management and regulators
• Support cyber-related regulatory examinations, requests, and assessments to ensure compliance with OSFI regulations and advise on gaps and risk treatments
• Oversee and monitor cyber incidents, ensuring proper escalation and response strategies
• Promote a culture of Cyber Risk awareness throughout CTB

What you bring

• Over 7+ years’ experience in a cyber & technology management role in a federally regulated banking or financial services organization with a global footprint, or a similar industry
• Bachelor's degree or equivalent experience in Cybersecurity, Computer Science, Engineering, Business, Mathematics, or related field.
• Experience in evaluating and deploying a wider range of cyber security technologies (e.g., firewalls, cloud, IDS/IPS, DLP, IDAM, etc.)
• Deep knowledge of industry leading cyber security frameworks and regulations for identifying and managing cyber security risk (e.g., NIST, ISO, COBIT, PCI, etc.)
• Certifications in CISSP, CISM, and SCF
• CRISC and CISA a definite asset
• Expert knowledge of network technologies, cloud, hardware platforms and operating systems
• Expert understanding of security interoperability through an entire technology stack
• Good knowledge of applicable OSFI guidelines, data privacy practices and laws
• Ability to exercise effective independent judgment, to prioritize and deliver business results in a fast moving, high pressure and demanding environment with competing priorities
• Strong interpersonal, communication, and influencing skills to build credibility and collaboration 

About Us

At Canadian Tire Services Limited/Canadian Tire Bank, it is our mandate to continue to create innovative and rewarding financial solutions for our customers. Our growing suite of products and services showcase the dynamic contributions from our employees and our success is driven by a strong vision, loyal customers, and our ability to build teams that reflect the diverse customers and communities in which we live and work. Join us, where there's a place for you here.

Our Commitment to Diversity, Inclusion and Belonging 

We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better. .

Accommodations  

We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.