Senior Manager Governance, Risk



Toronto, Ontario, Canada Canadian National Railway Full time
At CN, we work together to move our company, and North America, forward.

Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion.

From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad, ensuring our operations run optimally and safely and our employees can focus on value-added tasks.

You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM.

The careers we offer are meaningful because the work we do matters. Join us.

Job Summary


The purpose of this role is to establish and maintain an industry leading Governance, Risk & Compliance (GRC) practice, develop & mentor a team, and develop policies, standards, risk registries and metrics to comply with business and regulatory requirements and build resilience in people, systems and data to enable CN to reach strategic goals and objectives in the face of evolving cyber threats.

Main Responsibilities
Leading Others

Partner with HR to maintain and bring new talent to the organization by determining which skills and roles will be required in the future, supporting, and demonstrating diversity and inclusion, and by making thoughtful hiring decisions

Provide a positive and welcoming onboarding experience to all new employees by ensuring they have access to the tools and resources needed to fulfill the requirements of their job

Recognize employee milestones (service awards, retirements, etc.) as well as significant contributions and enhanced responsibilities

Focus on communications and foster collaboration by regularly providing updates to teams about ongoing initiatives and encouraging teams to work together to accomplish common goals and learning

Manage employee performance to enable potential and ensure employees not meeting expectations are identified and supported through the performance improvement process

Create and enable a positive and engaging work environment by ensuring individual strengths are uncovered and leveraged through frequent and focused conversations - collaborate, coach, and build connections with employees

Participate in succession planning by contributing to the yearly talent review cycle and identifying employees with the potential to move up the management and expertise paths

Support employee development by having regular career conversations with all employees (documented and tracked) and supporting them in reaching their career goals

Ensure knowledge is preserved through cross-training for key skill sets in the team (knowledge transfer)

Governance, Risk & Compliance (GRC) Practice Development

Direct and put in place the proper GRC organizational structure and practices to track and manage information and cyber risk for both IT and OT (Operational Technologies) environments and ensure compliance while enabling the business for digital transformation.

Incorporate behavioral change as a key risk management strategy with security awareness training and testing.

Ensure the GRC processes are sustainable and properly documented

Maintain and build relevant, current, valid and reliable team knowledge related to governance, risk and compliance programs and practices.

Advance team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members

Ensure the full documentation and timely updates of policies, standards, guidelines, risks, exceptions, management action plans, and GRC processes through clear diagrams and well-written documents

GRC Continuous Improvement

Collaborate with the CISO, cybersecurity team, portfolio managers, architects, business and I&T leadership to understand the business direction and consequent impact on the security posture and risk appetite

Monitor threat intelligence sources, Security Operations Center (SOC) reports, vulnerability management reports, internal audit reports, regulatory changes, industry reporting and business impact analysis to accurately identify and articulate the risk priorities and implement appropriate controls to maintain an appropriate security posture

Engage the cybersecurity vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners

Continuously monitor and evaluate the environment, including third party risk and subsidiaries, through self-assessments and independent security reviews as well as metrics against the framework.

Identify deficiencies and inefficiencies and initiate improvement actions through engaging leadership and architecture.

Working Conditions

Occasional business travel (Canada and US) in accordance with CN policy

Requirements
Experience

Minimum 15 years overall work experience in audit, IT sales, or IT delivery

Minimum 10 years experience in IT audit or IT governance, risk and compliance

Minimum 5 years experience in managing IT governance, risk and compliance

Railroad, transportation, or Global industrial experience is a significant plus (asset)

Education/Certification/Designation

Bachelor's degree in Computer Science, Business Administration, System Analysis or other relevant field (or) an additional 5 years of relevant experience.

At least one recognized cybersecurity certification appropriate for GRC, e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified in Risk and Information Systems Control (CRISC), etc.

Competencies

Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological or process solutions that provide practical risk mitigation and business enablement

Significant experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations

Proven collaborative leadership and teamwork aligning to strategic business objectives

Excellent written and verbal English communication skills with French highly desirable, able to interact with a broad cross-section of personnel to explain risks and enforce security measures

Detail-oriented self-starter with a high level of commitment and personal motivation

Knack for prioritizing tasks and working in a fast-paced, Agile environment

Technical Skills/Knowledge

Knowledge and practical experience applying standards, frameworks, regulations, and legislation governing information security and privacy, e.g. NIST, ISO 27001, COBIT, SOX, PIPEDA

Knowledge and general understanding of IT and OT security controls and control models.

Knowledge of data classification, security policies and standards, strategic threat intelligence, threat modeling, vulnerability management, risk assessments, third party risk programs, risk management techniques, risk registries, regulatory compliance, security awareness training and testing, security metrics, security enforcement, and other relevant GRC areas of practice.

This position is posted as a grade LEVEL 5. For internal candidates, note that the grade level of the position may adjust based on the employee's experience.

About CN

CN is a world-class transportation leader and trade-enabler.

Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year.

As the only railroad connecting Canada's Eastern and Western coasts with the Southern tip of the U.S. through a 19,500 mile rail network, CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919.

CN is committed to programs supporting social responsibility and environmental stewardship.

At CN, we work as ONE TEAM, focused on safety, sustainability and our customers, providing operational and supply chain excellence to deliver results.

For internal candidates, note that the grade level of the position will depend on the employee's experience.

CN is an employment equity employer and we encourage all qualified candidates to apply. We thank all applicants for their interest, however, only candidates under consideration will be contacted. Please monitor your email on a regular basis, as communication is primarily made through email.
