Specialist, IT Risk

5 days ago


Montreal, Canada Canada Mortgage and Housing Corporation (CMHC) Full time
Job Requisition ID: 10613

Position Status: Permanent Full Time

Position Type: Hybrid

Office Location: Ottawa (ON); Montreal (QC); Toronto (ON)

Travel Requirement: Travel not required

Language Designation: English Essential

Language Skill Levels (Read/Write/Speak): ZZZ

Security Requirement: Secret

Salary: Our salaries generally range from $ 83038.35 to $ 103797.93 and are based on qualifications and experience.

About CMHC

The work you do and the work we do together matters. We come to work every day with a common purpose: to contribute to a well-functioning housing system.

At CMHC, we hold ourselves accountable for our results and support our colleagues in their achievements. We thrive on collaboration, connecting across CMHC and involving the right people to get our work done. We have flexibility, in how, when, and where we work, within the boundaries of the business needs and the nature of your role. Our leadership style is guided by trust, where our leaders favour an adaptive approach based on the needs of their teams.

Join us and be part of a team that's committed to making a real difference and be part of something meaningful.

What's in it for you

We've got the purpose, the people and the perks you need for a fulfilling career. Here's the comprehensive and generous benefits you get when you're a permanent employee:

Annual paid vacation.
Annual individual performance incentive.
Defined benefit pension plan.
Comprehensive group insurance plan to support your well-being from day one.
Support towards your personal and professional growth with training, mentorship and more.
An inclusive workplace culture and environment.

About the role
Join the Information & Technology (IT) Risk and Compliance team, in the Specialist, IT Risk position. As the IT Risk Specialist, you will be responsible for assessing and interpreting data to determine the level of risk and other indicators of risk, ensuring the Risk Management Framework is aligned with CMHC's operations and technology, reviewing Audit's schedule and their findings, and recommending actions to fill any observed gaps. You will also be promoting a culture of risk awareness and providing training in risk management (i.e. internal and external control procedures and risk mitigation practices).

What you'll do:
Developing action plans that addresses all upcoming activities, oversight and/or audit findings and gaps and monitors progress against action plans (including purpose, scope, timelines, etc.).
Planning and executing various tasks such as: risk assessments, risk event reporting, control testing, security standard maturity assessments, deficiency identification and remediation, risk training, corporate and sector specific business continuity planning, lender attestations, compliance attestations and risk scenario analysis.
Creating and implementing analytical models for risk assessment, including the assessment and interpretation of data to determine risk concentration.
Reviewing draft oversight and/or audit reports/recommendations, obtaining feedback and completing a reconciliation report of recommendations.
Providing risk management expertise for the ongoing maintenance and enhancement of business systems, technologies and processes.
Conducting research on best practices and recommend changes to current risk policies, procedures, standards and guidelines.
Communicating and collaborating with other oversight functions on results of risk management activities within the sector.

What you should have:
A bachelor's degree preferably in Computer Science, Management Information Systems, Finance, Business Administration, Commerce, or in another related field.
A minimum of five (5) years of increasing responsibilities and experience in Risk and/or Audit.
A demonstrated experience in assessing and reviewing governance, work processes, controls and/or risk management, including IT General Controls testing.
Experience and/or knowledge within three or more of the following risk domains: Audit management, Risk management, Compliance management, Cybersecurity; Cloud technologies; Business continuity management and disaster recovery; Data governance and information management; and Vendor management.
A knowledge of operational risk management framework, risk management policy development and knowledge of internal control concepts and frameworks.
A familiarity with common security standards and regulations (ISO 27001, ISO 27001 SOX, PIPEDA/GDPR, CCPA, COBIT, NIST 800-53 and SOC2 reporting) is desired but expertise will be preferred.
Strong analytical, problem solving, and project management skills with the ability to undertake complete multiple, concurrent tasks.
Strong oral and written communication skills, including the ability to deliver professional advice or direction or present opinions and recommendations to a variety of audiences (technical and non-technical).

It would be great if you also had:
A professional designation in Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified in the Governance of Enterprise IT (CGEIT), Professional Accounting (CPA), Certified Internal Auditor (CIA) or other relevant licence, designation, or certificate.
A demonstrated experience in working for financial institutions or insurance industries.
Bilingualism (English and French).

Posting closing date: Note, the competition will remain active until filled.

Our commitment to diversity, equity, and inclusion

We're committed to employment equity and encourage women, Indigenous Peoples, persons with disabilities, veterans and persons of all races, ethnicities, religions, abilities, sexual orientations, and gender identities and expressions to apply. We also welcome applications from non-Canadians who are eligible to work in Canada.

CMHC is an inclusive workplace where diversity of thought - and of people - are recognized, valued, and considered essential to achieving our mission.

Learn more about our commitment to diversity and inclusion

What happens after you apply

We know that applying for a new job can be both exciting and daunting, and we appreciate your effort. Learn more about our hiring process. If you are selected for an interview or testing, please advise us if you require an accommodation.

If you applied before and you were not successful don't worry - we're always posting new positions, so don't hesitate to give it another shot. We're excited to see what you bring to the table this time around

  • Montreal, Quebec, Canada 360 IT Professionals Inc. Full time

    At 360 IT Professionals Inc., we are seeking a highly skilled Information Security Risk Specialist to support our compliance and risk management activities. The ideal candidate will have a strong background in information security and be able to assess suppliers, identify risks, and develop remediation plans.Responsibilities:Conduct security assessments to...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    At SGS Société Générale de Surveillance SA, we are seeking a highly skilled Quantitative Risk Specialist to join our team. The successful candidate will play a key role in ensuring the accuracy and effectiveness of our risk management models.About the Job:We are committed to sustainable growth and believe that our expertise, understanding of risks, and...


  • Montreal, Quebec, Canada Axelon Services Corporation Full time

    About the RoleAs an IT Security Risk Specialist at Axelon Services Corporation, you will be part of our Vulnerability Management team within the Cyber Data Risk & Resilience organization. In this 12-month contract position, you will work on Attack Surface Management (ASM) and focus on external scan findings from third-party cyber security ratings...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    About the RoleWe are seeking a highly skilled Quantitative Risk Specialist to join our team in SGS Societe Generale de Surveillance SA. As a key member of our Risk Management Department, you will play a crucial role in analyzing, assessing, and managing risk-taking activities to achieve the best possible outcome for the bank.


  • Montreal, Quebec, Canada BFL Canada Full time

    We are seeking a highly skilled Risk Control Specialist to join our team in Montreal.The ideal candidate will have a strong background in risk management and the ability to analyze complex data to identify potential risks and develop effective mitigation strategies.This is an excellent opportunity for someone looking to advance their career in risk...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    About the Role:The Quantitative Risk Model Specialist will be part of the Risk Management Department, which contributes to the sustainable growth of the Societe Generale group through its expertise, understanding of risks, and risk management techniques. The department's mission is to independently analyze, assess, manage and monitor risk-taking activities...


  • Montreal, Quebec, Canada Artech LLC Full time

    Artech LLC is currently seeking an experienced Operational Risk Specialist to join their team in Montreal, QC. The successful candidate will have the opportunity to work on a 6-month project with one of our clients in the financial industry.About the RoleThis is a unique opportunity to leverage your analytical and project management skills in an operational...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    We are seeking a highly skilled and experienced Risk Governance Specialist to join our Model Risk Management team in Montreal. As a Risk Governance Specialist, you will play a critical role in ensuring the effective implementation of our Model Risk Governance framework across all models at Societe Generale in the Americas.About the Role:This is an exciting...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    Role SummaryWe are seeking a highly skilled Risk Governance Specialist to join our Model Risk Management team in Montreal. As a key member of this team, you will play a pivotal role in driving the consistent application of our Model Risks' Governance framework for our Americas division.About the JobThe Model Risks' Governance Team is responsible for...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    The Risk Management Department plays a pivotal role in Societe Generale's sustainable growth by leveraging its expertise, risk understanding, and management techniques.With a focus on analyzing, assessing, managing, and monitoring risk-taking activities, the department aims to achieve optimal outcomes for the bank.As part of this effort, the Model Risk...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    As a Quantitative Risk Specialist, you will play a critical role in the Risk Management Department of SGS Société Générale de Surveillance SA. Located in New York City, you will be part of a team that contributes to the sustainable growth of the company through its expertise, understanding of risks, and risk management techniques.The department's mission...


  • Montreal, Quebec, Canada Crédit Agricole SA Full time

    Job Title: Senior Risk Management SpecialistJob Summary:We are seeking a highly skilled Senior Risk Management Specialist to join our team at Crédit Agricole CIB. As a Senior Risk Management Specialist, you will be responsible for articulating complex concepts and findings, highlighting narratives for senior management, and presenting data and validation...


  • Montreal, Quebec, Canada National Bank Full time

    Risk Management SpecialistAs a key member of the Technology, Cyber, and Data Risk Management team at National Bank, you will play a vital role in supporting the implementation of the Bank's risk management strategy. This role offers the opportunity to make a positive impact on the organization by overseeing risk governance for the 2nd line of defence.Your...


  • Montreal, Quebec, Canada Afirm Full time

    Job Summary: We are seeking a seasoned Risk Control Specialist to join our team as an independent contractor. The successful candidate will have a strong background in risk management, with expertise in identifying and mitigating potential hazards. Key Responsibilities: Conduct on-site risk assessments to identify potential hazards Develop and implement...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    About SGS Socièté Générale de Surveillance SASGS Socièté Générale de Surveillance SA is a leading global company that contributes to the sustainable growth of its clients through its expertise in risk management. The company's mission is to independently analyze, assess, manage and monitor risk-taking activities with the objective of achieving the...


  • Montreal, Quebec, Canada eTeam Full time

    Job Opportunity: Business Risk Specialist in Montreal, QC (Hybrid) for 06 Months at $65/hr without benefits:OverviewThe eTeam is seeking a highly skilled Business Risk Specialist to join our team in Montreal, QC. This role will be responsible for monitoring and reporting on the CIB Operations Control framework through various control applications.Key...


  • Montreal, Quebec, Canada BDC Full time

    Company OverviewBDC is a leading financial institution in Canada, dedicated to supporting entrepreneurs and small businesses. Our mission is to foster economic growth and prosperity by providing innovative financial solutions and expert advice.Job SummaryWe are seeking an experienced IT Risk Management Specialist to join our team as a Senior IT Advisor. In...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    Job OverviewWe are seeking a highly skilled Risk Governance Specialist to join our team at SGS Société Générale de Surveillance SA.This role offers an exceptional opportunity for a detail-oriented professional with a passion for enhancing model governance to make a significant impact in a dynamic, high-stakes environment.The ideal candidate will possess...


  • Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full time

    At SGS Société Générale de Surveillance SA, we are seeking a highly skilled Quantitative Risk Management Specialist to join our team.About the Job:The Risk Management Department plays a critical role in the sustainable growth of our organization by providing expertise and risk management techniques. Our mission is to analyze, assess, manage, and monitor...


  • Montreal, Quebec, Canada National Bank Full time

    Cyber Risk Management SpecialistEstimated Salary: $120,000 - $180,000 per year.About National BankNational Bank is a leading financial institution dedicated to providing exceptional banking services and innovative solutions to its clients. Our mission is to have a positive impact on people's lives, and we strive to create a workplace that values diversity,...