Senior Manager Governance, Risk

4 weeks ago

Edmonton, Canada CN Full time
Job Summary

The purpose of this role is to establish and maintain an industry leading Governance, Risk & Compliance (GRC) practice, develop & mentor a team, and develop policies, standards, risk registries and metrics to comply with business and regulatory requirements and build resilience in people, systems and data to enable CN to reach strategic goals and objectives in the face of evolving cyber threats.

Main Responsibilities

Leading Others

·Partner with HR to maintain and bring new talent to the organization by determining which skills and roles will be required in the future, supporting, and demonstrating diversity and inclusion, and by making thoughtful hiring decisions

·Provide a positive and welcoming onboarding experience to all new employees by ensuring they have access to the tools and resources needed to fulfill the requirements of their job

·Recognize employee milestones (service awards, retirements, etc.) as well as significant contributions and enhanced responsibilities

·Focus on communications and foster collaboration by regularly providing updates to teams about ongoing initiatives and encouraging teams to work together to accomplish common goals and learning

·Manage employee performance to enable potential and ensure employees not meeting expectations are identified and supported through the performance improvement process

·Create and enable a positive and engaging work environment by ensuring individual strengths are uncovered and leveraged through frequent and focused conversations - collaborate, coach, and build connections with employees

·Participate in succession planning by contributing to the yearly talent review cycle and identifying employees with the potential to move up the management and expertise paths

·Support employee development by having regular career conversations with all employees (documented and tracked) and supporting them in reaching their career goals

·Ensure knowledge is preserved through cross-training for key skill sets in the team (knowledge transfer)

Governance, Risk & Compliance (GRC) Practice Development

·Direct and put in place the proper GRC organizational structure and practices to track and manage information and cyber risk for both IT and OT (Operational Technologies) environments and ensure compliance while enabling the business for digital transformation. Incorporating behavioral change as a key risk management strategy with security awareness training and testing.

·Ensure the GRC processes are sustainable and properly documented

·Maintain and build relevant, current, valid and reliable team knowledge related to governance, risk and compliance programs and practices.

·Advance team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members

·Ensure the full documentation and timely updates of policies, standards, guidelines, risks, exceptions, management action plans, and GRC processes through clear diagrams and well-written documents

GRC Continuous Improvement 

·Collaborate with the CISO, cybersecurity team, portfolio managers, architects, business and I&T leadership to understand the business direction and consequent impact on the security posture and risk appetite

·Monitor threat intelligence sources, Security Operations Center (SOC) reports, vulnerability management reports, internal audit reports, regulatory changes, industry reporting and business impact analysis to accurately identify and articulate the risk priorities and implement appropriate controls to maintain an appropriate security posture

·Engage the cybersecurity vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners

·Continuously monitor and evaluate the environment, including third party risk and subsidiaries, through self-assessments and independent security reviews as well as metrics against the framework. Identify deficiencies and inefficiencies and initiate improvement actions though engaging leadership and architecture.

Working Conditions

Occasional business travel (Canada and US) in accordance with CN policy

Requirements

Experience

·Minimum 15 years overall work experience in audit, IT sales, or IT delivery

·Minimum 10 years experience in IT audit or IT governance, risk and compliance

·Minimum 5 years experience in managing IT governance, risk and compliance

·Railroad, transportation, or Global industrial experience is a significant plus (asset)

Education/Certification/Designation

·Bachelor’s degree in Computer Science, Business Administration, System Analysis or other relevant field (or) an additional 5 years of relevant experience.

·At least one recognized cybersecurity certification appropriate for GRC: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified in Risk and Information Systems Control (CRISC), etc.

Competencies

·Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological or process solutions that provide practical risk mitigation and business enablement

·Significant experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations

·Proven collaborative leadership and teamwork aligning to strategic business objectives

·Excellent written and verbal English communication skills with French highly desirable, able to interact with a broad cross-section of personnel to explain risks and enforce security measures

·Detail-oriented self-starter with a high level of commitment and personal motivation

·Knack for prioritizing tasks and working in a fast-paced, Agile environment

Technical Skills/Knowledge

·Knowledge and practical experience applying standards, frameworks, regulations, and legislation governing information security and privacy, NIST, ISO 27001, COBIT, SOX, PIPEDA

·Knowledge and general understanding of IT and OT security controls and control models.

·Knowledge of data classification, security policies and standards, strategic threat intelligence, threat modeling, vulnerability management, risk assessments, third party risk programs, risk management techniques, risk registries, regulatory compliance, security awareness training and testing, security metrics, security enforcement, and other relevant GRC areas of practice.

This position is posted as a grade LEVEL 5. For internal candidates, note that the grade level of the position may adjust based on the employee's experience.

  • Security & Risk Consultant

    1 month ago

    Edmonton, Canada Risk Control Canada Full time

    **“Our Goal is Clear: to deliver modern and practical risk management solutions to safeguard our clients, their personnel, assets, and reputation.”** **Details**:Risk Control is an expert risk management firm that provides solutions to our clients across Canada and internationally. Please review the minimum qualifications listed below before applying....

  • Assistant Vice President, Governance, Risk

    3 weeks ago

    Edmonton, Alberta, Canada Credit Union Deposit Guarantee Corporation Full time

    Reporting to the Vice President, Finance and Administration, the Corporation's next Assistant Vice President, Governance, Operational Risk and Compliance (AVP), leads the execution of our fiscal management strategies, operational risk management framework, and compliance policies and programs. Your strong communication skills and proven ability to solve...

  • Assistant Vice President, Governance, Risk

    3 weeks ago

    Edmonton, Canada Credit Union Deposit Guarantee Corporation Full time

    Reporting to the Vice President, Finance and Administration, the Corporation’s next Assistant Vice President, Governance, Operational Risk and Compliance (AVP), leads the execution of our fiscal management strategies, operational risk management framework, and compliance policies and programs. Your strong communication skills and proven ability to solve...

  • Assistant Vice President, Governance, Risk

    2 weeks ago

    Edmonton, Canada CFA Institute Full time

    Reporting to the Vice President, Finance and Administration, the Corporation’s next Assistant Vice President, Governance, Operational Risk and Compliance (AVP), leads the execution of our fiscal management strategies, operational risk management framework, and compliance policies and programs. Your strong communication skills and proven ability to solve...

  • Assistant Vice President, Governance, Risk

    2 weeks ago

    Edmonton, Canada CFA Institute Full time

    Reporting to the Vice President, Finance and Administration, the Corporation’s next Assistant Vice President, Governance, Operational Risk and Compliance (AVP), leads the execution of our fiscal management strategies, operational risk management framework, and compliance policies and programs. Your strong communication skills and proven ability to solve...

  • Assistant Vice President, Governance, Risk

    2 weeks ago

    Edmonton, Canada CFA Institute Full time

    Reporting to the Vice President, Finance and Administration, the Corporation’s next Assistant Vice President, Governance, Operational Risk and Compliance (AVP), leads the execution of our fiscal management strategies, operational risk management framework, and compliance policies and programs. Your strong communication skills and proven ability to solve...

  • Governance Analyst

    4 weeks ago

    Edmonton, Canada Government of Alberta Full time

    **Job Information**: Job Requisition ID: 46811 Ministry: Seniors, Community and Social Services Location: Edmonton Full or Part-Time: Full Time Hours of Work: 36.25 hours per week Regular/Temporary: Temporary Scope: Open Competition Closing Date: August 24, 2023 Classification: Subsidiary 02B 3625 Program Services 2 **About Us**: The Department of...

  • Manager, Enterprise Risk Management

    4 weeks ago

    Edmonton, Canada KPMG-Canada Full time

    **Overview** Our world is going through immense change, driven by a global pandemic, changing work habits, differing political perspectives and regulatory and global climate changes. Environmental, Social, and Governance (ESG) encapsulates all of these and more. As we and our clients articulate the goals and effort to address these issues, we are leading...

  • Measures and Risk Analyst

    6 days ago

    Edmonton, Canada Government of Alberta Full time

    **Job Information** Job Requisition ID: 56495 Ministry: Jobs, Economy and Trade Location: Edmonton Full or Part-Time: Full Time Hours of Work: 36.25 hours per week Permanent/Temporary: Permanent Scope: Open Competition Closing Date: April 29, 2024 Classification: Program Services 3 MA **Salary**: $2,626.89 to $3,448.73 bi-weekly ($68,561 -...

  • Risk Assessment Manager

    4 weeks ago

    Edmonton, Canada Pathfind Full time

    Are you looking to advance your career in risk assessment? Or are you an experienced professional seeking a role in a company that values community and upholds a strong corporate culture? Our client is a not-for-profit public agency and regulator, committed to providing risk-based regulatory oversight, looking for a qualified Risk Assessment Manager to...

  • Assistant Vice President Governance Operational Risk and Compliance

    4 weeks ago

    Edmonton, Canada Credit Union Deposit Guarantee Corporation Full time

    About the Credit Union Deposit Guarantee Corporation cudgc.ab.ca Established in 1974 as the Credit Union Stabilization Corporation, we are a pillar of financial security for Albertans. We began with a simple goal – to insure 100% of Alberta’s credit union deposits. In 1976, we broadened our scope by including credit adjudication in our services. The...

  • Assistant Vice President Governance Operational Risk and Compliance

    4 weeks ago

    Edmonton, Canada Credit Union Deposit Guarantee Corporation Full time

    About the Credit Union Deposit Guarantee Corporation cudgc.ab.ca Established in 1974 as the Credit Union Stabilization Corporation, we are a pillar of financial security for Albertans. We began with a simple goal – to insure 100% of Alberta’s credit union deposits. In 1976, we broadened our scope by including credit adjudication in our services. The...

  • Assistant Vice President Governance Operational Risk and Compliance

    4 weeks ago

    Edmonton, Canada Credit Union Deposit Guarantee Corporation Full time

    About the Credit Union Deposit Guarantee Corporation cudgc.ab.ca Established in 1974 as the Credit Union Stabilization Corporation, we are a pillar of financial security for Albertans. We began with a simple goal – to insure 100% of Alberta’s credit union deposits. In 1976, we broadened our scope by including credit adjudication in our services. The...

  • Senior Project Manager

    3 weeks ago

    Edmonton, Canada BQ INTERNATIONAL LTD. Full time

    Opportunity Title CL-Project Manager – SeniorDescription of ServicesResponsible for the coordination and completion of IT projects. Oversees all aspects of projects. Sets deadlines, assigns responsibilities, and monitors and summarizes progress of project. Builds and maintains working relationships with team members, vendors, and other departments involved...

  • Senior Project Manager

    3 weeks ago

    Edmonton, Canada BQ INTERNATIONAL LTD. Full time

    Opportunity Title CL-Project Manager – SeniorDescription of ServicesResponsible for the coordination and completion of IT projects. Oversees all aspects of projects. Sets deadlines, assigns responsibilities, and monitors and summarizes progress of project. Builds and maintains working relationships with team members, vendors, and other departments involved...

  • Senior Project Manager

    4 days ago

    Edmonton, Canada BQ INTERNATIONAL LTD. Full time

    Opportunity Title CL-Project Manager – SeniorDescription of ServicesResponsible for the coordination and completion of IT projects. Oversees all aspects of projects. Sets deadlines, assigns responsibilities, and monitors and summarizes progress of project. Builds and maintains working relationships with team members, vendors, and other departments involved...

  • Senior Project Manager

    3 weeks ago

    Edmonton, Canada BQ INTERNATIONAL LTD. Full time

    Opportunity Title CL-Project Manager – SeniorDescription of ServicesResponsible for the coordination and completion of IT projects. Oversees all aspects of projects. Sets deadlines, assigns responsibilities, and monitors and summarizes progress of project. Builds and maintains working relationships with team members, vendors, and other departments involved...

  • Assistant Vice President Governance Operational Risk and Compliance

    3 weeks ago

    Edmonton, AB, Canada Credit Union Deposit Guarantee Corporation Full time

    About the Credit Union Deposit Guarantee Corporation Established in 1974 as the Credit Union Stabilization Corporation, we are a pillar of financial security for Albertans. We began with a simple goal – to insure 100% of Alberta’s credit union deposits. In 1976, we broadened our scope by including credit adjudication in our services. The 1980s were...

  • Senior Project Manager

    3 weeks ago

    Edmonton, AB, Canada BQ INTERNATIONAL LTD. Full time

    Opportunity Title CL-Project Manager – Senior Description of Services Responsible for the coordination and completion of IT projects. Oversees all aspects of projects. Sets deadlines, assigns responsibilities, and monitors and summarizes progress of project. Builds and maintains working relationships with team members, vendors, and other departments...

  • Senior Project Manager

    1 month ago

    Edmonton, Canada Vantix Systems Inc. Full time

    Our Client is seeking a Senior Project Manager for the coordination and completion of IT projects. The candidate will oversee all aspects of projects. Set deadlines, assign responsibilities and monitor and summarize progress of project. Build and maintain working relationships with team members, vendors, and other stakeholders involved in the projects.Client...