Enable job alerts via email!
Risk Management Specialist
Toppazzini and Lee Consulting
Ottawa
On-site
CAD 100,000 - 130,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A consulting firm in risk management is looking for an experienced IT Risk Analyst located in Ottawa. The role involves reviewing and managing IT risk findings across multiple regions, engaging with auditors, and supporting project risk assessments. Ideal candidates will have a solid understanding of IT risk standards, prior experience in banking or finance, and familiarity with risk management tools like Archer or Tableau. Excellent communication and stakeholder management skills are essential for this position.
Qualifications
- Prior experience in banking, finance IT, or wealth management risk functions.
- Experience working with global teams and managing cross-regional risk activities.
Responsibilities
- Review and assess IT risk findings and ensure compliance.
- Coordinate with auditors to meet audit requirements.
- Support project risk assessments and ensure documentation is accurate.
- Communicate effectively with stakeholders regarding risk findings.
- Identify gaps in risk management practices and propose improvements.
Skills
Tools
IT Risk Analyst
Location: Toronto (minimum 4 days onsite)
The IT Risk Analyst will be responsible for reviewing, documenting, and managing IT risk findings across multiple regions (UK, Toronto, India). This role requires a senior, independent professional with a strong understanding of IT risk standards, audit processes, and the ability to challenge and improve risk management practices within the organization.
- Review and assess IT risk findings:
- Evaluate risk findings created by application teams, focusing on non‑compliance issues (e.g., NPIDs, vulnerabilities, DLP, expired passwords).
- Ensure findings are properly documented and milestones for remediation are tracked and addressed.
- Play a review role rather than direct remediation; ensure standards are followed and findings are closed appropriately.
- Audit coordination:
- Work closely with internal and external auditors, project teams, and operational risk teams to provide evidence and meet audit requirements.
- Facilitate audits, including application security, data security, IAM, PAM, and compliance (e.g., GDPR, NYDF).
- Coordinate quarterly/monthly governance calls to highlight risk issues and progress.
- Project risk assessment:
- Support project risk assessments, including preparing and reviewing documents such as IRP (Integrated Risk Profile), IT Risk Triage, and related artifacts.
- Collaborate with PMs, tech leads, and custodians to ensure risk documentation is complete and accurate.
- Communication & stakeholder management:
- Ensure effective communication with application teams, auditors, and other stakeholders regarding risk findings and remediation plans.
- Make teams accountable for addressing findings and ensure timely follow‑up.
- Process improvement:
- Identify gaps in current risk management practices and propose improvements.
- Support the development and refresh of risk integration activities, crown jewel reviews, and app lists.
- Prior experience in banking, finance IT, or wealth management risk functions.
- Familiarity with Archer, Tableau, and other risk management/reporting tools.
- Experience working with global teams and managing cross‑regional risk activities.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
