IT & Cyber Risk and Control Analyst
6 months ago
Questrade Financial Group (QFG) of Companies is committed to helping our customers become much more financially successful and secure.
We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.
This is a place where you can explore, discover and learn with continuous growth. As a diverse and inclusive place to work, there are flexible working arrangements so you can unleash your creativity and curiosity with no limits. If you share the same sense of infinite possibility, come shape your future at Questrade.
What’s in it for you as an employee of QFG?
- Health & wellbeing resources and programs
- Paid vacation, personal, and sick days for work-life balance
- Competitive compensation and benefits packages
- Hybrid and flexible work arrangements
- Career growth and development opportunities
- Opportunities to contribute to community causes
- Work with diverse team members in an inclusive and collaborative environment
What’s it like working as a IT & Cyber Risk and Control Analyst at Questrade?
The IT & Cyber Risk and Control Analyst is responsible for supporting the day-to-day monitoring and reporting of systems and processes for IT & Cyber Risk and Control across the Questrade Financial Group. This includes the monitoring and reporting mechanisms that highlight areas of risk exposure and opportunities for effective control of business risk arising from the use of technology. The IT & Cyber Risk and Control Analyst operates as part of a team of IT & Cyber Governance, Risk and Control professionals within the Office of the Chief Information Officer (OCIO) and interfaces with other technology, security, risk management and compliance areas at the enterprise and line of business levels.
Need more details? Keep reading
**In this role, responsibilities include but are not limited to**:
- Supports implementation and operation of the IT & Cyber Governance Framework, tools, processes, and methodologies.
- Supports collection of data on the status and performance of IT & Cyber services and initiatives to identify performance and/or control weaknesses that may lead to business risk.
- Performs analysis and aggregation of IT & Cyber performance, risk and control metrics for reporting, internal control effectiveness validation and attestation.
- Tracks remediation of identified IT & Cyber process and control gaps in the Enterprise Technology Risk Register working with stakeholders to maintain resolution traction and accurate reporting.
- Collects IT & Cyber Risk and Control metrics and indicators to produce dashboards and reports for management.
- Assists with or executes Risk and Control Self-Assessments and the review of evidence and artifacts to support self-assessment rationales.
- Works with Technology and Security Operations teams and SMEs to implement and operationalize IT process, risk and control templates, reports and metrics.
- Coordinates reporting of Operational and Cyber Resilience testing and scenario simulation exercises.
- Assists with the review or revision of policies, standards, and procedures for IT Governance, IT Operations, and IT Security.
- Coordinates and supports Regulatory, Internal and/or External Audit requests for information and vetting of material provided by respective operational teams.
- Validates completeness of technology project artifacts for risk management of material projects.
- Reviews and confirms completeness of incident reports and that all relevant details are captured for regulatory reporting.
So are YOU our next IT & Cyber Risk and Control Analyst ? You are if you
- 1 to 3 years of experience in information technology Internal Audit and/or Risk Management in a regulated financial institution.
- 1 to 3 years of hands-on information technology or security operations experience.
- Holds one or combination of CISA, CRISC, CGEIT or working towards them.
- Experience writing or updating Technology and Security procedures.
- Experience building key performance and risk indicator dashboards and reports.
- Understanding of a broad set of industry best practices (COBIT, ITIL, NIST CSF, Cloud CSC, Agile SAFe, PCI-DSS, etc.)
- Exposure to financial industry business processes.
- Exposure to enterprise and operational risk principles and practices.
- Exposure to risk scenario analysis, risk quantification and loss event data reporting.
Characteristics
- Takes ownership of tasks and drives them to completion.
- Strong written, oral communication, and interpersonal skills.
- Ability to communicate with individuals at all levels of an organization.
- Highly motivated with a mature and positive attitude towards learning new skills.
- Familiarity working with Google Workplace tools
-
Senior Cyber Security Risk Analyst
22 hours ago
Toronto, Ontario, Canada Royal Bank of Canada Full timeJob Title: Senior Cyber Security Risk Analyst, IT Risk Management LeadAbout the Role:We are seeking an experienced Cyber Security Risk Analyst to join our team at the Royal Bank of Canada. As a key member of our IT Risk Management department, you will play a pivotal role in advancing our organization's technology, risk, security, and operations landscape.You...
-
Manager Cyber and IT Risk
1 month ago
Toronto, Canada Royal Bank of Canada Full time**Job Summary** **What's the opportunity?** **What will you do?** - Leverages Enterprise and Business Segment Controls, KRIs and dashboards to identify, assess, and drive improvement of the Cyber/IT Risk posture across Personal Banking and Commercial Banking (PB/CB) - Collaborates with PB/CB Business Managed Application (BMA) teams to improve Cyber/IT Risk...
-
Analyst I, Cyber Threat and Vulnerability Management
3 months ago
Toronto, Canada Toronto District School Board Full time**Permanent, full-time position - Toronto, ON** Reporting to the Senior Analyst, IT Security Threat Management, the Analyst I, Cyber Threat and Vulnerability Management, will assist the Senior Analyst to ensure that the Cyber Threat and Vulnerability Management functions are managed and carried out. The Analyst I, Cyber Threat and Vulnerability...
-
Manager, Cyber
2 weeks ago
Toronto, Canada Scotiabank Full timeRequisition ID: 213062 Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Contributes to the overall success of Cyber & IT Risk Management, Global Risk Management (GRM) globally ensuring specific individual goals, plans, initiatives are executed/delivered in support of the team’s business strategies and...
-
Cyber Risk Management Director
4 weeks ago
Old Toronto, Canada EQ Bank | Equitable Bank Full timeJob Title:Cyber Risk Management DirectorAbout the Role:We are seeking an experienced Cyber Risk Management Director to join our team at EQ Bank | Equitable Bank. As a key member of our organization, you will play a critical role in directing and managing our cyber risk management programs.Responsibilities:Develop and oversee the bank's Cyber Resilience...
-
Toronto, Ontario, Canada Royal Bank of Canada Full timeJob DescriptionRoyal Bank of Canada is seeking an experienced Technology Risk Management and Cyber Security Expert to join our team. As a key member of our organization, you will play a critical role in supporting the identification and mitigation of operational, IT, and regulatory risks.About the RoleThe Senior Analyst - IT Risk Management position involves...
-
Director, Cyber Resilience
1 month ago
Toronto, Canada EQ Bank | Equitable Bank Full timePurpose of the Job This role is responsible for the directing, planning and organizing the bank’s Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Cloud Security Expert
4 weeks ago
Old Toronto, Canada Cyber Crime Full timeBDO Canada's Cybersecurity consulting team is seeking a seasoned expert to join our Cloud Security Engineering group. As a Cloud Security Expert, you will be working closely with clients and internal teams to ensure project goals are met, delivering high-quality work on time and within budget.Key Responsibilities:Collaborate with clients and internal teams...
-
Director, Cyber Resilience
4 weeks ago
Toronto, Canada EQ Bank | Equitable Bank Full timePurpose of the JobThis role is responsible for the directing, planning and organizing the bank’s Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Director, Cyber Resilience
4 weeks ago
Toronto, Canada EQ Bank | Equitable Bank Full timePurpose of the JobThis role is responsible for the directing, planning and organizing the bank’s Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Director, Cyber Resilience
4 days ago
Toronto, Canada Disability Solutions Full timePurpose of the Job This role is responsible for the directing, planning and organizing the bank's Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Chief Cyber Risk Management Officer
4 days ago
Toronto, Ontario, Canada Disability Solutions Full timeAbout the RoleWe are seeking a highly skilled Chief Cyber Risk Management Officer to join our team at Disability Solutions. In this key role, you will oversee and develop processes to manage the bank's cyber risk lifecycle, from identification to treatment and monitoring.Main Responsibilities:Oversee the bank's Cyber Resilience Testing program, including red...
-
Cyber Security Analyst
7 months ago
Toronto, Canada Roots Full timeRoots is more than just an/the iconic Canadian retailer, we are a group of passionate employees who act with integrity, trust each other, and do what is right. We work in a space where people can grow and develop, with a team of people who own results and are dedicated to seeing Roots win. We seek to build longstanding relationships with partners who share...
-
Cyber Analyst
7 months ago
Toronto, Canada IMCO Full timeAt IMCO, our talent is among the best! IMCO offers a uniquely stimulating and rewarding environment where you can help build and drive organizational transformation, all while seeking to challenge yourself, learn, and grow your career. We offer a culture of collaboration and passion, creating unwavering value for the clients we serve. Our vision is to be...
-
IT Risk
4 weeks ago
Old Toronto, Canada Scotiabank Full timeJoin a purpose driven winning team, committed to results, in an inclusive and high-performing culture.The Scotiabank IT Risk Management team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for Scotiabank and the Bank for all technology risk domains, including Cyber Security, Data Privacy, Software...
-
IT Risk
4 weeks ago
Old Toronto, Canada Scotiabank Full timeJoin a purpose driven winning team, committed to results, in an inclusive and high-performing culture.The Scotiabank IT Risk Management team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for Scotiabank and the Bank for all technology risk domains, including Cyber Security, Data Privacy, Software...
-
Director, Cyber Resilience
4 weeks ago
Toronto, ON, Canada EQ Bank | Equitable Bank Full timePurpose of the Job This role is responsible for the directing, planning and organizing the bank’s Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Director, Cyber Resilience
4 weeks ago
Toronto, ON, Canada EQ Bank | Equitable Bank Full timePurpose of the Job This role is responsible for the directing, planning and organizing the bank’s Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Director, Cyber Resilience
4 weeks ago
Toronto, Ontario, Ontario, Canada EQ Bank | Equitable Bank Full timePurpose of the JobThis role is responsible for the directing, planning and organizing the bank’s Cyber Risk Management, Cyber Supply Chain Risk management, Enterprise Cyber Security Controls management and resilience testing capabilities. This role develops and manages processes that manage Cyber risk lifecycle from identification to treatment and...
-
Cyber Security Risk Manager
4 weeks ago
Toronto, Canada Infotek Consulting Services Inc. Full timeJob DescriptionWe are seeking an experienced Cyber Security Risk Manager to join our team at Infotek Consulting Services Inc. in Toronto.About the JobThis is a hybrid contract opportunity where you will work on various projects and tasks related to cybersecurity, risk management, and governance.ResponsibilitiesManage and mitigate cyber security risks by...
