Security Specialist

Job Title: Security Specialist
Contract Duration: 6 months (Extension possible)
Pay rate: Up to C$100/hr
Location:Toronto, ON
Work Type:Hybrid- 2 days per weekminimum.Wednesday is the anchor day.Monday to Friday- core business hours

Department Overview:

• Building a World-Class, Diverse, and Inclusive Technology Team.
• We can't afford to be boring. Neither can you. The scale and scope of what does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology.
• Our client's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring.
• Regulatory, Audit & Compliance Assurance is home to a team of highly valued professionals, who support all P&T related Regulatory and support interactions, which includes business, 2nd, or 3rd LOD led exams.
• They provide oversight and governance, independently challenging High / Med severity issues tied to Regulatory, Audit and ORM.
• Includes issue escalations tied to potential overdue and validation failures, issue support for insight, governance reporting and exams. Also, provides demand management support assurance functions.
• There's room to grow in all of it.

Job Specific Accountabilities:

• Our client is looking for a Security Specialist who is well-versed in providing governance, risk, compliance, and issue remediation oversight and control best practices that meet overarching Platforms & Technology Governance strategy and objectives. The individual will be responsible for partnering with Technology segments to support independent challenge and oversight of issue remediation plans impacting our information security control environment. Here's some of what you may be asked to perform:
• Lead assessments of audit and regulatory findings remediations required to mitigate risk within technology infrastructure and applications, working with stakeholders across the three lines of defense to ensure effective risk mitigation and remediation
• Provide advice and guidance to Technology segments and Technology Risk Services on various areas requiring subject matter expertise and interpretation: Audit & Assurance Standards; IT Risk Governance Control Frameworks, and GRC (Governance, Risk, and Compliance) frameworks.
• Contribute to the development of mature Governance Oversight & Control practices, through improvement of Risk Identification, Control Design, and Operating Effectiveness.
• Identify emerging themes, understand trends, and provide specialized business management advice to senior management and respective teams while raising industry, external, and internal, enterprise, and business awareness.
• Lead continuous improvement projects, leveraging agile/lean continuous improvement practices/methods that demonstrate sustainable and leading-edge solutions (e.g. Artificial Intelligence (AI), Machine Learning (ML), Power BI/Apps, Python, etc.)

Job Requirements:

• Expert knowledge of IT Audit and Control methodology, IT Governance Controls and Standards, and associated tools to ascertain the quality and effectiveness of technology remediation plans.
• Experience with project and change management methods to deliver on assurance, governance, and oversight initiatives that align with strategic objectives.
• Competencies in technology controls, emerging threats, and technology risk disciplines and practices.
• Strengthen the independent assurance, governance, and oversight operations, utilizing lean continuous improvement practices and tools.
• Apply core Agile frameworks such as Scrum, Kanban, and Extreme Programming to execute operational workplan projects.
• Knowledgeable in Artificial Intelligence to lead the design, development, and deployment of AI-driven solutions that enhance business operations, decision-making, and innovation.
• Collaborate with data scientists, engineers, information security specialists, and business stakeholders to align AI initiatives with strategic objectives.
• Ability to translate business needs into technical AI solutions.
• Ability to train colleagues and team members related to risk and compliance of issue remediations.
• Excellent verbal and written business communication skills; meticulous documentation.
• Ability to manage multiple efforts simultaneously, prioritize demands, and have strong organizational skills.
• Ability to effectively interact with individuals across the organization and at various levels (technical, business, Senior & Executive Management).
• Stay current with the latest research and trends in AI/ML and recommend relevant tools, frameworks, and methodologies.

Required Education/ Experience:

• Degree/Certifications Required: CRISC certification or equivalent experience.- Must have
• CISA certification or equivalent experience.- Preferred
• CISSP certification or equivalent experience is a plus. – Nice to have
• Years of experience: 10 years plus experience.

Must have skills:

• 10+ years as an IT Risk Specialist with relevant experience in governance, risk, and compliance management within regulated industries.
• Information Security or technology risk and controls background in the financial industry is a plus.
• IT governance experience in information security and controls risk frameworks (i.e., ITIL, NIST, COBIT).
• Knowledge and experience with various lifecycle methodologies/frameworks, i.e., Agile, Project Management, IT Processes, Risk Management frameworks, and process/operations.
• Knowledge and experience with various technology tools, including, but not limited to, RSA Archer, JIRA, Confluence, Sharepoint, MS Office,and Excel.
• CRISC certification or equivalent experience.- Must have
• University degree or relevant field / equivalent experience.

Nice to have skills

• Experience or knowledge with AI- Co-Pilot, Power BI, and Automate.
• CISA certification or equivalent experience.- Preferred
• CISSP certification or equivalent experience is a plus. – Nice to have

Note:

• Audit experience
• Proficiencies in security information frameworks
• Experience w/ governance, risk, and compliance.
• Extremely strong communicator- verbally and in writing.
• Job titles that are relevant- BISSO, TCO,
• Need to be able to do QA assessments – remediation of risk, controls effectiveness testing (critical for the role). Experience, PCI compliance, HIPPA, SOX testing.
• Ability to handle stressful situations
• Ability to pivot and be flexible- every day is different in this role
• A Key team player and contributor. Someone who can take ownership. Someone who doesn't need constant direction, self-manages, and takes initiatives. Ability to take the lead on assignments.
• Understanding of finding closure and/ or remediation packages- have produced or reviewed them.
• QA on RFI's (Audit and regulatory specific)- process regulator (having an understanding and experience reviewing them prior to submission).
• Understanding of Reporting, understanding data, and how that translates to the business. Proficiency in Excel is important.
• Someone who has experience pulling together governance-related data and visualization/risk insights. Interpret and translate the data.

Benefits:

• Medical, Vision, and Dental Insurance Plans
• 401k Retirement Fund

About the Company:
Top 10 bank in Canada and North America offering comprehensive financial solutions. Providing retail, commercial, wealth management, and wholesale banking services, we help clients thrive in today's evolving market.

About GTT:
GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American-owned company in Alaska. As a Native American-owned, economically disadvantaged corporation, we highly value diverse and inclusive workplaces. Our clients are Fortune 500 banking, insurance, financial services, and technology companies, along with some of the nation’s largest life sciences, biotech, utility, and retail companies across the US and Canada. We look forward to helping you land your next great career opportunity!

25-23320: #gttca #LI-GTT #gttjobs #LI-Hybrid