Enable job alerts via email!

IT Risk Analyst Reviewer

Astra-North Infoteck Inc. ~ Conquering today’s challenges, achieving tomorrow’s vision!

Toronto

Hybrid

CAD 90,000 - 120,000

Full time

Yesterday

Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A leading technology firm in Toronto is seeking an experienced IT Risk Analyst Reviewer. This hybrid role requires 8-10 years of experience in IT risk management, focusing on assessing and documenting IT risk findings. The successful candidate will work closely with auditors and project teams, ensuring compliance and addressing risk issues effectively. Familiarity with risk management tools like Archer and Tableau is preferred, as well as experience in banking or finance environments.

Qualifications

8-10 years of experience in IT risk management, particularly in a banking or financial context.
Strong understanding of IT risk standards and audit processes.
Experience working with global teams and managing cross-regional risk activities.

Responsibilities

Review and assess IT risk findings focusing on non-compliance issues.
Coordinate audits and provide evidence to meet audit requirements.
Support project risk assessments and ensure risk documentation is accurate.
Communicate effectively with stakeholders regarding risk findings.
Identify gaps in risk management practices and propose improvements.

Skills

Cyber Security - GRC - Vendor Risk Assessment

Cyber Security - GRC - Data Security

Cyber Security-ASM - Application Security

Tools

Archer

Tableau

IT Risk Analyst Reviewer

Toronto—Hybrid
8-10 yrs exp

Skills

Cyber Security - GRC - Vendor Risk Assessment
Cyber Security - GRC - Data Security
Cyber Security-ASM - Application Security

The IT Risk Analyst Reviewer will be responsible for reviewing, documenting, and managing IT risk findings across multiple regions (UK, Toronto, India). This role requires a senior, independent professional with a strong understanding of IT risk standards, audit processes, and the ability to challenge and improve risk management practices within the organization.

Key Responsibilities

Review and Assess IT Risk Findings
Evaluate risk findings created by application teams, focusing on non-compliance issues (e.g., NPIDs, vulnerabilities, DLP, expired passwords).
Ensure findings are properly documented and milestones for remediation are tracked and addressed.
Play a review role rather than direct remediation, ensure standards are followed and findings are closed appropriately.

Audit Coordination

Work closely with internal and external auditors, project teams, and operational risk teams to provide evidence and meet audit requirements.
Facilitate audits, including application security, data security, IAM, PAM, and compliance (e.g., GDPR, NYDF). Coordinate quarterly monthly governance calls to highlight risk issues and progress.

Project Risk Assessment

Support project risk assessments, including preparing and reviewing documents such as IRP (Integrated Risk Profile), IT Risk Triage, and related artifacts.
Collaborate with PMs, tech leads, and custodians to ensure risk documentation is complete and accurate.

Communication Stakeholder Management

Ensure effective communication with application teams, auditors, and other stakeholders regarding risk findings and remediation plans.
Make teams accountable for addressing findings and ensure timely follow-up.

Process Improvement

Identify gaps in current risk management practices and propose improvements.
Support the development and refresh of risk integration activities, crown jewel reviews, and app lists.

Preferred Qualifications

Prior experience in banking, finance IT, or wealth management risk functions.
Familiarity with Archer, Tableau, and other risk management reporting tools.
Experience working with global teams and managing cross-regional risk activities.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Top locations

Top companies

Top positions