analyst, informatics security

RBC Dominion Securities | Posted on November 13, 2025

• Location: Toronto, ON
• Work location: On site
• Salary: $28.85 to $71.43 per hour
• Terms: Permanent employment, Full-time
• Start: As soon as possible
• Vacancies: 1
• Source: CareerBeacon #2188620

• Internal Control Testing: Participate in all phases of the internal control monitoring process, including planning, testing, evaluating risk, identifying mitigating controls, developing conclusions, writing reports, and maintaining work papers.
• Execute Control Testing: Perform risk‑based control assessments to evaluate the design, implementation, and operating effectiveness of IT and operational controls. Document test work while adhering to quality standards, procedures, and organizational best practices.
• Lead Control Assessments: Responsible for executing control assessments of Technology and Operations' first‑line Key Controls across various domains (including cyber security, cloud operations, service and capacity management, network operations). May act as designated lead tester/reviewer of control testing engagements.
• Conduct Concurrent Control Testing Engagements: Collaborate internally and externally across multiple concurrent testing engagements of varying complexity, ensuring they are completed efficiently and within timelines. Identify potential issues, conflicts, and risks, and escalating as necessary.
• Control Testing Reporting: Analyze, aggregate, and articulate the results, issues, and recommendations related to control testing activities or other control monitoring activities and regulatory exams.
• Stakeholder Collaboration: Establish and maintain strong working relationships across business units and platforms. Collaborate with various groups to define and achieve deliverables, acting as a trusted advisor on control documentation and testing.
• Control Deficiency Management: Coordinate with stakeholders to log, manage, and track control deficiencies. Assess remediation plans to ensure they are designed to effectively reduce risk and verify that corrective actions are implemented according to plan.
• Subject Matter Expertise: Serve as a trusted advisor, advising stakeholders on control documentation and testing, ensuring compliance with organizational policies, regulatory requirements, and industry standards.
• Stay Informed: Maintain a thorough understanding of external technology and cybersecurity trends, emerging technologies, and internal technology and cyber risk management approaches.
• Collaborate on IT risk‑related initiatives to provide guidance and ensure the organization’s risk posture aligns with its overall risk appetite.
• Maintain thorough understanding of governing policies, controls testing methodologies, and related regulatory and compliance standards.

• Educational Background & Certifications: Degree in Computer Science, Engineering, or a related field is required. Either CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Security Auditor), or CISSP (Certified Information Systems Security Professional) is preferred.
• Experience: Minimum of 3 years’ experience in Information/Cyber Security, IT Risk Management, IT Operations, or Technology, with at least 3 years focused on controls testing, internal audit, quality control, risk management, or compliance. Ideally within the financial services industry, a public accounting firm, or a financial institution’s regulator.
• Technical Proficiency: Strong understanding of technology and cyber risk management. Experience with IT risk‑management practices is highly valued.
• Project Management & Organizational Skills: Strong organizational, project management, and time‑management capabilities are essential. Deadline‑driven, results‑oriented, and able to consistently meet high‑quality standards while managing multiple tasks and deadlines.
• Communication Skills: Demonstrated excellence in both written and oral communication. Proficient in effectively and timely communicating with stakeholders.

2025-12-13