Risk and Control IT Senior Manager
Risk and Control IT Senior Manager
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About Citco:
Citco is a global leader in fund services corporate governance and related asset services with staff across 80 offices worldwide. With more than $1.8 trillion in assets under administration (AuA) we deliver end-to-end solutions and exceptional service to meet our clients needs.
For more information about Citco please visit
About the Team & Business Line:
Were a family-owned business not a faceless corporation. This personal approach informs every aspect of our customer service where we develop long-lasting relationships with our clients. But we dont stop there: we also build these same bonds among our own teams too. Here weve created a community where colleagues support one another and different departments help others succeed. And here weve cultivated a culture where employees care about our company values and live them in their work. At Citco this people-centric philosophy is the core of who we areand it shines through in everything we do every day.
Responsibilities
Your Role
The Risk and Control Team is a group wide resource which covers all of the divisions within the Citco Group of companies as defined on . The R&C strategy is to work to support the organization by implementing a formal risk and control framework. Furthermore the R&C function is responsible for coordinating all controls testing as part of the annual SOC 1 and SOC 2 certifications for all divisions within the Citco Group.
We are looking for a Risk and Control IT Senior Manager (SVP) based in Toronto Canada. The IT Senior Manager (SVP) will report directly to the Head of R&C function based in Amsterdam and will be responsible for:
- Manage the overall relationship with the external SOC 1 / SOC 2 auditor (EY) on an ongoing basis.
- Manage and lead the team in Manila in charge of testing the controls for the annual SOC 2 engagement. This may include but is not limited to:
- Analyzing the current control environment against the SOC 2 Trust Services (specifically the Common Criteria) to identify gaps;
- Liaising with Audit Risk Management Security and Technology teams to enhance or implement control activities as needed;
- Drafting control activity test procedures that determine operational effectiveness;
- Creating and adhering to a project plan so that all required activities are completed within Managements expected timelines.
- Overseeing execution of testing as prescribed by the project plan.
- Engaging with other R&C staff internal subject matter experts and external audit professionals to organize preparation of test evidence process walkthroughs Management reporting and other key SOC 2 deliverables as prescribed by the project plan.
- Working closely with the R&C IT team members to develop SOC 2 report language intended for a broad audience (internal stakeholders client organizations external auditors and others).
- Work collaboratively with other team members within R&C to cover the scope and objectives of other Risk Management / SOC projects in an effective and efficient manner as assigned by the Head of R&C.
- Ensure that the annual SOC 1 / SOC 2 reports are of good quality and are delivered on a timely basis to Management and external stakeholders.
- Support the organization in implementing an effective and efficient risk management and control framework (both Business processes and Information Technology processes).
- Evaluate existing IT processes and make recommendations for improvement (e.g. adding efficiency reducing risk) to IT Senior Management as needed.
- Coach mentor and / or train junior R&C IT staff members to meet R&C Managements objectives.
Qualifications
About You
Education
- The candidate should be educated to at least Masters degree level from an accredited college / university.
- A relevant and recognized professional qualification such as Certified Information Systems Auditor (CISA) CISM or CIA or equivalent is desirable.
Professional Experience
- Minimum ten years of experience of working in a progressive risk management / internal controls / internal IT audit function of a financial institution / Big 4 audit firm. Ideally the candidate will have experience in the financial services and / or alternative investments industry.
- Minimum of five years of experience in working on SOC 1 / SOC 2 certification projects either being part of an internal Risk & Control team or being part of an external auditor team delivering the SOC 1 / SOC 2 reports.
- Strong relationship management and communication skills when communicating with the external SOC auditor or when communicating with Senior Management within the organization.
- Strong reporting skills proven track record of writing and completing multiple SOC 1 and/or SOC 2 reports in the English language.
- The candidate should have experience allocating workloads to guiding coaching and overseeing senior and junior staff.
- Proficiency with Word Excel and PowerPoint is expected.
- Preferable to have experience with automated internal audit applications / tools Service Desk Manager Jira ACL (Galvanize) VBA database IDEs AWS Cloud technologies etc.
Our Benefits
Your well being is of paramount importance to us and central to our success. We provide a range of benefits training and education support and flexible working arrangements to help you achieve success in your career while balancing personal needs. Ask us about specific benefits in your location.
We embrace diversity prioritizing the hiring of people from diverse backgrounds. Our inclusive culture is a source of pride and strength fostering innovation and mutual respect.
Citco welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection.
#LI-BL1
Required Experience:
Senior Manager
Employment Type
Full-Time
