Analyst, Governance and Risk

BDO is a firm built on a foundation of positive relationships with our people and our clients. Each day, our professionals provide exceptional service, helping clients with advice and insight they can trust. In turn, we offer an award-winning environment that fosters a with a high priority on your personal and professional growth.

Reporting to the Senior Manager, Strategy and COE, you will be primarily responsible for supporting technology initiatives focused on ensuring alignment with IT strategic objectives, business goals, and internal or external compliance needs. You will drive the development and improvement of standards, policies, procedures, and repeatable processes ensuring these are instituted to meet the needs of the firm, IT organization and IT risk management requirements. Key accountabilities and responsibilities include :

Support the IT Management team with assessing IT risk and governance resulting in recommendations for improving oversight and decision-making

Lead the development, update and approval of IT standards, policies, procedures, and repeatable processes by collaborating and eliciting needs from technical SME’s

Collaborate with the IT Management team to align governance for standards, policies, and procedures with core IT disciplines of Architecture, Security, Support services, Infrastructure, Application Development & Management, Project Management, Change Management and Risk Management

Work the IT leadership to ensure that IT tools, technologies, and integrations remain current with internal and external compliance requirements and changes in technology advances

Conduct workshops, interviews and elicit needs from IT SME’s, vendors, and business partners

Ensure IT processes and controls are efficient, maintained and managed appropriately

Drive IT governance awareness and communications to the IT organization and firm

Collaborate with the Information Security team to support the assessment, monitoring, evidence gathering, and remediation of IT controls for internal / external audits such as SOC 1, SOC 2+, ISO27001 or similar

Lead and support the assessment, monitoring and remediation of compliance issues including working with third-party auditors

Establish, develop, and maintain strong relationships with vendors, business partners and other stakeholders, both internally and externally, to ensure business and technical objectives are met

Support key technology projects from the governance perspective including guiding, documenting, and enhancing related controls, standards, policies, processes, and procedures

Serve as a steward fostering change and modernization to BDO IT’s governance practices and technical operations

How do we define success for your role?

You demonstrate BDO's core values through all aspect of your work : Integrity, Respect and Collaboration

You understand your client’s industry, challenges, and opportunities; client describe you as positive, professional, and delivering high quality work

You identify, recommend, and are focused on effective service delivery to your clients

You share in an inclusive and engaging work environment that develops, retains and attracts talent

You actively participate in the adoption of digital tools and strategies to drive an innovative workplace

You grow your expertise through learning and professional development

Your experience and education

University Degree or College Diploma in Software Engineering, Computer Science or Business Administration or equivalent work experience

3-5 years of working with IT governance, IT strategy and design, IT operating models, and compliance frameworks such as SOC, ISO27001 or similar

3-5 years of experience developing policies and supporting documentation for IT processes

Understanding of information security concepts such as identity and access management, authorization, encryption, privacy (PIPEDA, PII), and data security controls

Experience with core information technology services including data and BI, application management, security (IAM and privacy), risk, architecture and service planning, infrastructure and operations, strategy and governance, project management, and financial management

Working knowledge and experience in MS suite of products (O365)

Excellent facilitation, presentation, verbal, and written skills with the ability to convey complex ideas and highly visible material to both business and technical staff of all levels

Excellent analytical, time management skills with the ability to manage multiple assignments simultaneously with tight deadlines

Demonstrated ability to work as an integral member of a team and proactively assist others with minimal supervision

Assets :

Experience working in professional services

Applicable ISACA certification such as CGEIT, CISA, CRISC or CISM

Experience with key frameworks and methodologies : SDLC, ISO, SOC, COBIT, PMI and ITIL