Senior Manager, Cyber & IT Risk, Global Risk Management

Requisition ID: #

Tangerine is Canada’s leading direct bank. We offer flexible and accessible banking options, innovative products, and award-winning Client service. The reason why Tangerine employees come to work each day is to help Canadians live better lives. We focus on making a difference in our communities, and that includes our own internal community. It’s important to us that our employees feel empowered and enthusiastic about belonging to our Orange culture.

As the Senior Manager, Cyber Security and IT Risk, you will contribute to the overall successful development and execution of a second line of defense program for Cyber Security and IT Risk, perform assessments of risk management practices carried out by the first lines of defense, and carry out quantitative analysis of threat and vulnerability scenarios which may impact IT systems operations as well as business processes supporting the Bank’s multiple delivery channels, ensuring all operate within the Bank’s risk appetite levels for Cyber Security and IT services.

You will contribute to the development, execution, and overall success of a second line of defense within the Global Cyber Security and IT Risk Management Program. You will also deliver challenge and carry out independent assessment and oversight of risk management practices carried out by the first line of defense.

This role particularly supports the Tangerine portfolio.

In this role, you will:

- Deliver objective evaluation and oversight of risk management practices carried out by the first line of defense to ensure that Tangerine’s processes and controls relating to Cyber Security and IT Risks are sufficient to maintain the consistent operation of systems, the continuous availability and integrity of data, and the confidentiality of sensitive information.
- Rank and quantify cyber, IT, and related risks in terms of probability of event and potential dollar impact.
- Design scoring and quantification methodologies to support risk appetite discussions and enable sound decision making.
- Guide IT, Security, and other control functions on Cyber Security and IT Risk management processes, systems, and procedures; review and provide advice relating to policies, frameworks, standards, and control objectives; and build a risk-aware culture.
- Collaborate with internal and external partners to ensure information sharing and support risk oversight initiatives.
- Establish and maintain relationships with stakeholders across Tangerine Bank and the BNS ERM team to stay current on emerging risks.
- Participate in major incident investigations, validating root causes of IT and Cyber-related incidents and assessing quantitative loss impacts.
- Monitor the IT Risk Profile, KRIs, and Risk Metrics to identify changes and emerging risks, reporting vulnerabilities in an understandable manner.
- Analyze risks to identify trends and evaluate risk responses.
- Support in-depth risk analysis and evaluate the effectiveness of risk mitigation strategies.
- Monitor and report on the status of risk response plans.
- Assist in preparing risk-related information for regulatory submissions.

You should have:

- 7 to 10 years of experience in IT Operations, SDLC, IT and/or Cyber Risk Management, Governance, or Audit. Cybersecurity expertise is an asset.
- Strong communication, presentation, and facilitation skills.
- Excellent interpersonal and relationship-building skills for engaging with management and partners.
- Ability to analyze complex data and communicate findings succinctly.
- Strategic and critical thinking skills to influence enterprise risk programs.
- Experience with various Cyber and IT Operations areas in large organizations.
- Familiarity with GRC tools, COBIT, ITIL, and industry frameworks.
- Professional certifications such as CRISC, CISA, CISSP, CISM are advantageous.

What’s in it for you?

- An inclusive, collaborative environment that encourages creativity and celebrates success.
- Competitive rewards including bonuses, share ownership, pension matching, and health benefits from day one.
- Opportunities for career development and progression.
Location: Toronto, Ontario, Canada

Tangerine values diversity and is committed to accessibility. Please inform our Recruitment team if accommodations are needed during the process.