Sr. Analyst, IT Risk Oversight
Sr. Analyst, IT Risk Oversight
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Haventree Bank is a private Canadian Schedule 1 bank specializing in alternative mortgage programs and insured GIC deposits. We help hardworking Canadians from coast-to-coast achieve homeownership by offering flexible mortgage solutions. Our insured GIC deposits offer competitive rates and are available through a variety of wealth management platforms.
About Haventree Bank
Headquartered in Toronto Ontario Haventree Bank (Haventree) is a mission driven alternative mortgage lender. The name Haventree is representative of the banks mission to help its customers find a place of refuge and to lay down new roots for the future. Haventree exists to be a catalyst of financial security and upward mobility for Canadians who are underserved by the traditional financial system.
Position Summary:
Reporting to the Director of Enterprise Risk Management the Sr. Analyst IT Risk Oversight is responsible for the effectiveness and enhancement of Haventree Banks ORM framework including and not limited to managing the IT risk and governance frameworks Risk and Control Self Assessments (RCSA) BIAs & BCP. This role ensures that operational risks are identified assessed mitigated and monitored in accordance with regulatory requirements and industrys best practices. The role includes a combination of project initiatives policy and framework development risk assessment review monitoring and other program development initiatives and oversight. This role works closely with technology compliance and operations teams to maintain an integrated Governance Risk & Compliance (GRC) discipline in the organization.
Your expertise in people processes and technology in the evaluation of operational risk will be greatly valued in the on-going assessments of operational risk. Your technology background allows a peer-to-peer dialogue around Cyber security risk and the regular assessment of our Cyber security resiliency.
Major Duties & Responsibilities:
Provides oversight of the technology risk management and governance framework.
- Provides oversight and effective challenge to the work being performed by the 1st line.
- Operates as part of the Risk Management team and acts as the subject matter expert on all Technology-related matters within the department collaborating regularly with Enterprise IT & Cyber Governance.
- Responsible for the independent design execution and oversight of technology risk assessments control testing and validation of IT and cybersecurity controls.
- Conducts appropriate independent review and challenge of risk and control assessments.
- Requires a strong technical background to critically evaluate and challenge the design and effectiveness of 1st line of defense IT risk management practices and to analyze overall Information Technology performance risk metrics and control effectiveness against established standards policies and regulatory requirements.
- Partners with the first line of defense for risk assessment and reporting activities.
- Identifies investigates and escalates top and emerging risks of the organization.
- Provides effective second-line oversight on technology operations cybersecurity controls and incident management.
- Independently reviews and assesses the handling of security incidents ensuring appropriate response and remediation actions.
- Monitors and analyzes key IT risk indicators (KRIs) and metrics to identify emerging trends and potential control weaknesses.
- Analyzes data and highlights significant information including variances trends key risk indicators opportunities and exposures.
- Designs develops and implements risk reporting solutions to meet management requirements.
- Designs and implements the annual business continuity planning and testing exercise.
- Provides information and supports the internal and external audit processes.
- Contributes to the implementation of ORM best practices throughout the organization.
- Ensures IT compliance with relevant laws regulations and contractual obligations including OSFI guidelines (e.g. E-21 B-13 B-10) and other applicable financial industry regulations.
Qualifications & Experience:
Degrees Diplomas & Certifications:
The position requires a university degree with a focus in one or more of:
- Risk Management or Information Technology related fields.
Years and Range of Experience Required to Perform the Job:
- The position requires a minimum of 3 years work experience in a Risk Management or IT Risk Governance role.
- Holds one or a combination of CISA CRISC CGEIT CISM or working towards them.
- Understands a broad set of industry best practices (COBIT ITIL NIST CSF).
- Have experience in a Technology Risk Management Technology Governance or IT Audit / Quality Assurance role within the financial services industry
- In-depth knowledge of risk management frameworks and methodologies.
- Have in depth experience building maintaining and reviewing risk and control frameworks and their inputs.
- Have experience building reviewing or challenging key performance indicators (KPI) and key risk indicators (KRI).
- Demonstrated ability to deal comfortably with all levels of both internal and external contacts with a friendly professional attitude.
- Excellent communication and collaborator leadership skills with the ability to influence and work with senior leadership technical teams and other collaborators.
- Background in retail banking residential mortgage lending or financial services for an OSFI regulated Financial Institution is preferred.
- The position requires strong written and verbal communication skills and exceptional organization and time management skills.
While we thank everyone for their interest in Haventree Bank please note that only candidates selected for an interview will be contacted. Haventree Bank is committed to providing accommodation when needed. If you require an accommodation we will work with you to meet your needs.
- As a job candidate our recruitment process includes collecting personal information. Please click the link here to review our Privacy Policy.Privacy Statement Haventree Bank
- Stay in touch with us if this position is not the right one for you please click on this link for other roles atCareers Haventree Bankor follow us on LinkedIn at Bank embraces equal opportunity diversity and inclusion. Please let us know if you require any accommodations during the recruitment and selection process by contacting
Required Experience:
Senior IC
Employment Type
Full-Time
