Senior Analyst, Operational Risk Management - IT & Cyber Risk Management

Job Description

We are currently looking for a Senior Analyst, Operational Risk Management (ORM) – IT & Cyber Risk Management, reporting to the Senior Manager, ORM to oversee the IT and Cyber programs at PCF. In this second line of defence function, the successful candidate will independently challenge how IT and cyber risks are managed by the first line of defence. In this role, the incumbent will also work with outsourced vendors and third parties to assess the IT and cyber practices, identifying areas for improvement.

What you’ll do

  • Develop and understanding of end to end IT & Cyber programs and effectively identify and challenge potential gaps
  • Document the risk and controls, escalating unmitigated risks and control weaknesses to the first line of defence
  • Participate in key vendor meetings, identifying gaps in the vendor’s cyber programs and working with the vendors to remediate
  • Independently assess the cyber security assessment process and results that are performed by the first line of defence
  • Track all outstanding audit, regulatory and oversight review issues, working with the first line of defence to ensure an appropriate action plan is in place and on target
  • Develop and manage relationships with the business functions, vendors and third parties
  • Assist in vendor security governance process, including annual assessments, ongoing monitoring, site visits, and due diligence
  • Assist in cyber and technology risk assessments in projects
 

What you’ll need

  • College or University diploma or degree is required
  • 3 to 5 years of relevant experience and Cyber technical expertise
  • Certifications preferred: CISSP, CRISC, CISM
  • Experience with identifying control gaps and effectively challenging the first line function
  • Strong communication skills (both oral and written); proven experience articulating security and risk-related concepts to all audiences, including senior executives
  • Ability to work independently, or in cross-functional teams, as required
  • Location - Toronto, Canada
  • Duration- Full Time
  • Years of experience – 3-5+ years
Senior Analyst – IT & Cyber Risk Management

* Required