IT Risk

About Symcor

Symcor enables secure data exchanges and supporting business processes, to help clients succeed in an evolving digital world. Trusted by Canada's largest institutions for over 25 years to support their digital transformations, Symcor aligns industry participants to solve common challenges in the most effective and efficient way.

**The Opportunity**:
Leads the design, management, implementation and monitoring of the IT Risk and Compliance program at Symcor, and audits/client assessments to ensure compliance with Symcor, regulatory and client requirements. Works with various stakeholders for mitigating and managing IT risks. Leads and executes on enterprise wide technology controls through control design and effectiveness testing. Develops, maintains and monitors IT Risk and Control governance and compliance related processes, procedures and controls in order to improve the IT control environment, in accordance with Symcor’s IT Compliance Framework, IT Risk Policy and Information Security Policy.

If you are passionate and have practical experience about IT Risk and working in heavy compliance industries this may be the next opportunity for you

This is a hybrid role.

About The Role
- Lead the design, management, implementation and monitoring of Symcor’s IT Risk and Compliance program
- Lead the design, development, execution/testing and monitoring of IT controls to identify gaps and ensure compliance with Symcor IT policies
- Lead the design, development, and roll out/facilitation of the information security awareness training program in collaboration with HR to educate Symcor employees and raise awareness regarding information security and IT risk.
- Design, prepare and evolve periodic IT Risk Management Reports, including Risk Profiles, KRIs, KPIs and Dashboards for all technology domains, to Senior Management.
- Assist in annual security planning by maintaining the risk register and providing analysis of trending related to KRI's.
- Perform ongoing review risk trends and report (as required) to applicable information custodians and CISO.
- Lead IT representative to interface with Internal & External Audit, Assessors, Vendors and Client.
- Interface with the client, external third-party assessors and internal auditors to organize reviews/audits.
- Collect, review and organize evidence in preparation of the client/external/internal audit compliance review meetings.
- Work with Legal, Privacy, IT Vendor Management and Procurement to streamline MSA requirements.
- Prepare and evolve periodic IT compliance management reports and dashboards.
- Execute firewall rule review and approval process.
- Monitor data leakage prevention and follow-ups.
- Review and manage privileged id request and approval.
- Coordinate execution of internal and external penetration testing.
- Manage SSL Certificate for internal and external clients.
- Review policies and procedures, architecture diagrams, solution designs document and other similar documents and provide input /feedback from IT Risk and Compliance perspective.
- Coach and mentor more junior IT Risk and Compliance analysts

What You Need To Succeed

**Education**:

- Completion of a post-secondary college diploma or university degree in a related discipline or a combination of education, training and experience deemed to be equivalent.
- CISA, CISSP, CISM, CRISC, CIA, CGEIT or similar active certification

**Experience**:

- Must have at least 4 years of experience in IT Security, IT Risk. IT Audit and/or IT Governance field
- Strong knowledge and/or prior experience in the financial services industry

**Skills**:

- Strong knowledge of the general security threat landscape, culture and regulatory/IT compliance expectations, as well as an ability to stay current with this level of knowledge
- Strong knowledge of regulatory and industry standards such as PCI DSS, ISO27002, COBIT, Trust Services Principles and other security/IT governance specific industry frameworks
- Experience working with GRC Tool
- Awareness of IT Risk and Compliance trends in the industry and with 3rd party vendors

What’s In It For You

At Symcor, we define our success by what we help others achieve. We were created to support our clients and, through our products, services, and solutions, protect and strengthen their brands. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program that includes a competitive compensation package, flexible benefits and time away options, retirement and savings plans and a commitment to your overall health and well-being through our myWell-being program.
- Leaders who support your development through coaching and managing opportunities.
- Ability to make a difference and lasting impact.
- Opportunities to do challenging work and progressively take on greater accountabilities for growth.
- We foster an inclusive atmosphere of One Symcor