Senior Governance, Risk & Compliance Analyst

Senior Governance, Risk & Compliance Analyst – IRM Implementation

Location: Toronto – hybrid – onsite 4x / week

Contract Duration: 6 months with high possibility of extension & conversion to FTE

Business Group: IT Risk

The IT Risk Governance and Oversight group supports standards, processes, and methodologies for technology and cybersecurity risks.

We are seeking an experienced Governance, Risk, and Controls professional to support IRM ServiceNow work contracted through an external vendor. The role involves requirements collection, stakeholder workshops, and specific settings for the Technology Issues workflow within the Technology Governance, Risk, and Oversight team.

Project: Implementation of Integrated Risk Management (IRM) for technology risk using the IRM ServiceNow GRC tool.

Responsibilities include:

1. Identify stakeholders involved in the Issue lifecycle.
2. Collaborate with the vendor to ensure a complete inventory of foundational elements.
3. Collect all data elements necessary to describe issues.
4. Develop and gather requirements through workshops.
5. Influence and collaborate across the organization to build awareness and promote the adoption of Issues Management practices across Technology, driving a unified enterprise-wide approach.
6. Support the IT Risk Governance and Controls Director by:
1. Collecting and analyzing requirements for initial GRC tool configuration.
2. Working directly with the vendor to define best practices for the Issues Management workflow.
3. Enhancing the Issues Management Practice, functioning as a Centre of Excellence.
4. Contributing requirements for reporting and monitoring processes.
7. Research and advise on industry practices related to Technology Issues Management, including strategic decisions on enhancements, metrics, and indicators.

Must Have Skills:

1. 10+ years of experience in risk, compliance, and issues management (governance, risk, and controls).
2. 5+ years of experience with GRC tools and issues management lifecycle.
3. 5+ years of experience with JIRA / CONFLUENCE.
4. 3+ years of project management experience.
5. 1+ years of experience in technology risk and compliance.

Nice-to-Have Skills:

1. Proficiency with PowerPoint.
2. SQL experience.
3. Dashboarding skills (PowerBI, Tableau).
4. CRISC ISACA certification.

Candidate Profile:

The ideal candidate has strong experience in technology risk management. The focus is on technology-related risks rather than credit risk.

Additional Details:

• Seniority Level: Mid-Senior level
• Employment Type: Contract
• Job Function: Information Technology
• Industries: Information Technology & Services, Banking