Senior IT Risk Management Consultant (Capital Markets) to identify, assess, and mitigate potential technology risks

Our Tier 1 banking clients (capital markets) is seeking a seasoned IT Risk leader to identify, assess, and mitigate potential technology risks

Duration: 1 year contract to start

Location: Downtown Toronto - on site 2 days/ week

Work hours: 7.5 hours/day

Must Haves:

• 10 years’ experience in technology risk management/cyber security with a strong focus on mitigation and remediation.
• IT Risk management frameworks and methodologies
• Very good knowledge of cloud computing and services including SaaS, associated risks and vulnerability management.
• Understanding of Regulatory landscape in the financial services sector

Nice to Haves:

• Knowledge of GRC tools (e.g. ServiceNow, Archer).
• Capital Markets industry experience
• Accredited certification/designation such as CISA/CISSP/CRISC or similar.

Responsibilities:

Lead role to provide technology risk advisory services to business/tech partners within Capital Markets platform, including:

• Partner and build strong relationships with IT/business partners to assist, educate and proactively identify risks associated with IT activities.
• Lead and provide guidance to stakeholders on IT and Cyber Security risk mitigating initiatives with the focus of strengthening control environment.
• Prepare and present management reports summarizing IT and cybersecurity risks based on data and metrics with a business context lens that provide insights to leadership.
• Help application/business teams with proactive issue management including third-party risks.
• Lead and conduct IT Risk assessments, gap & root cause analysis to identify potential weaknesses in controls and recommend appropriate remediation strategies.
• Maintain assigned portfolio risk profiles to provide a strong fact-based opinion on the technology risk profile.
• Provide consultancy on broader themes like logical access mgmt./IAM, data protection, vulnerability mgmt., etc.