Patch Coordinator
HRBrain
We are looking for a Patch Coordinator! Reach out if you are interested and feel free to refer friends/colleagues!
Type of Employment: Contract
Title: Patch Coordinator
Term: 6-month
Location: Toronto – WFH while they adopt their return to work plan
Job ID number: C1094
Brief description of duties:
That individual will partner with the first line of defense (Technology and other business units as applicable) in identifying, reporting, and mitigating technology risk issues and provide subject matter expertise in technology risk management practices. That person will also assist the Director, Technology Risk in overseeing the completion of technology risk assessments and controls testing, incident management and other duties as assigned. It also includes ensuring compliance with regulatory requirements and guidance. As a second line of defense role, it will provide independent challenge to the first line.
MUST haves:
- Assess and monitor the Bank’s risks and exposures against the Board-approved Risk Appetite Framework.
- Articulate and escalate risks promptly to drive the right discussions with the risk owners (including the senior leadership team) to address any significant risks.
- Provide guidance on enterprise-level policies and standards that reflect the Bank Board approved risk appetite, risk tolerances and risk limits.
- Contribute to the drafting and management of policies and procedures and analytics.
- Promote risk awareness throughout the Bank of technology, cyber and data risks, and ensure that appropriate training is provided to Bank staff in collaboration with the technology group as applicable.
- Support the enterprise ORM Framework by providing challenge on the following activities, including but not limited to:
- Risks and controls identification (RCSA) for core technology processes;
- Testing of key controls identified from the RCSA, and remediation on any identified gap;
- Technology risk related scenario analysis;
- Key Risk Indicators and metrics and monitoring on KRI results and mitigation action(s).
- Make and recommend policy, procedure and control enhancements as required to address emerging risks and regulatory changes.
- Participate in audit and regulatory risk discussions, and Operations Committees as needed.
- Liaise with regulators and law enforcement as required.
- Oversee new initiatives and vendors risk assessments.
- Management and Board reporting as required.
Qualifications:
- 3+ years of experience in Technology operations, Risk Management and/or Internal Audit in the financial services industry
- Prior experience in controls assessment and reporting
- Exposure to OSFI, COBIT, NIST or ISO 27001
- Proficient with MS Office applications (Word, Excel, PowerPoint)
- Strong presentation and facilitation skills
- Excellent verbal and written communication skills
- Strong ability to lead and influence change with executives
- Undergraduate degree in Computer Science / Computer Engineering /
Attributes:
- Effective organizational, project and time management skills with the ability to prioritize, support and anticipate the needs of the department and deliver on concurrent projects with competing priorities.
- A positive attitude, a desire to learn, and a willingness to persevere to get work done, either independently or as part of a team.
- Strong attention to detail and accuracy.
- Well-developed analytical, problem solving and research skills.
- Polished verbal and written communication skills, including experience in preparing and presenting reports to various levels of management.
Nice to haves:
- Experience in banking
- Risk Management is an asset.
- Accreditation such as CISSP, CISM, CRISC, CGEIT, CISA, CRM and/or similar is desirable
Job Features
Job Category | Risk consultant |
Risk Management | 3+ |
Internal Auditing | 3+ |
Banking experience | nice to have |