Sr. Analyst, IT Risk Oversight

Join to apply for the Sr. Analyst, IT Risk Oversight role at Haventree Bank

3 days ago Be among the first 25 applicants

Join to apply for the Sr. Analyst, IT Risk Oversight role at Haventree Bank

Get AI-powered advice on this job and more exclusive features.

Haventree Bank is a private Canadian Schedule 1 bank specializing in alternative mortgage programs and insured GIC deposits. We help hardworking Canadians from coast-to-coast achieve homeownership by offering flexible mortgage solutions. Our insured GIC deposits offer competitive rates and are available through a variety of wealth management platforms.

About Haventree Bank

Headquartered in Toronto, Ontario, Haventree Bank (Haventree) is a mission driven alternative mortgage lender. The name Haventree is representative of the bank’s mission to help its customers find a place of refuge and to lay down new roots for the future. Haventree exists to be a catalyst of financial security and upward mobility for Canadians who are underserved by the traditional financial system.

Position Summary

Reporting to the Director of Enterprise Risk Management, the Sr. Analyst, IT Risk Oversight is responsible for the effectiveness and enhancement of Haventree Bank’s ORM framework, including and not limited to managing the IT risk and governance frameworks, Risk and Control Self Assessments (RCSA), BIAs, & BCP. This role ensures that operational risks are identified, assessed, mitigated, and monitored in accordance with regulatory requirements and industry’s best practices. The role includes a combination of project initiatives, policy and framework development, risk assessment, review, monitoring and other program development initiatives and oversight. This role works closely with technology, compliance, and operations teams to maintain an integrated Governance, Risk & Compliance (GRC) discipline in the organization.

Your expertise in people, processes, and technology in the evaluation of operational risk will be greatly valued in the on-going assessments of operational risk. Your technology background allows a peer-to-peer dialogue around Cyber security risk and the regular assessment of our Cyber security resiliency.

Major Duties & Responsibilities

Provides oversight of the technology risk management and governance framework.

• Provides oversight and effective challenge to the work being performed by the 1st line.
• Operates as part of the Risk Management team and acts as the subject matter expert on all Technology-related matters within the department, collaborating regularly with Enterprise IT & Cyber Governance.
• Responsible for the independent design, execution and oversight of technology risk assessments, control testing, and validation of IT and cybersecurity controls.
• Conducts appropriate independent review and challenge of risk and control assessments.
• Requires a strong technical background to critically evaluate and challenge the design and effectiveness of 1st line of defense IT risk management practices, and to analyze overall Information Technology performance, risk metrics, and control effectiveness against established standards, policies, and regulatory requirements.
• Partners with the first line of defense for risk assessment and reporting activities.
• Identifies, investigates, and escalates top and emerging risks of the organization.
• Provides effective second-line oversight on technology operations, cybersecurity controls, and incident management.
• Independently reviews and assesses the handling of security incidents, ensuring appropriate response and remediation actions.
• Monitors and analyzes key IT risk indicators (KRIs) and metrics to identify emerging trends and potential control weaknesses.
• Analyzes data and highlights significant information including variances, trends, key risk indicators, opportunities, and exposures.
• Designs, develops, and implements risk reporting solutions to meet management requirements.
• Designs and implements the annual business continuity planning and testing exercise.
• Provides information and supports the internal and external audit processes.
• Contributes to the implementation of ORM best practices throughout the organization.
• Ensures IT compliance with relevant laws, regulations, and contractual obligations, including OSFI guidelines (e.g., E-21, B-13, B-10) and other applicable financial industry regulations.
  
  

• Risk Management or Information Technology related fields.
  

• The position requires a minimum of 3 years work experience in a Risk Management or IT Risk Governance role.
• Holds one or a combination of CISA, CRISC, CGEIT, CISM or working towards them.
• Understands a broad set of industry best practices (COBIT, ITIL, NIST CSF).
• Have experience in a Technology Risk Management, Technology Governance or IT Audit / Quality Assurance role within the financial services industry
• In-depth knowledge of risk management frameworks and methodologies.
• Have in depth experience building, maintaining and reviewing risk and control frameworks and their inputs.
• Have experience building, reviewing, or challenging key performance indicators (“KPI”) and key risk indicators (“KRI”).
• Demonstrated ability to deal comfortably with all levels of both internal and external contacts with a friendly, professional attitude.
• Excellent communication and collaborator leadership skills, with the ability to influence and work with senior leadership, technical teams, and other collaborators.
• Background in retail banking, residential mortgage lending, or financial services for an OSFI regulated Financial Institution is preferred.
• The position requires strong written and verbal communication skills and exceptional organization and time management skills.
  
  

• As a job candidate, our recruitment process includes collecting personal information. Please click the link here to review our Privacy Policy. Privacy Statement | Haventree Bank
• Stay in touch with us, if this position is not the right one for you – please click on this link for other roles at Careers | Haventree Bank or follow us on LinkedIn at www.linkedin.com/company/haventree-bank/
• Haventree Bank embraces equal opportunity, diversity, and inclusion. Please let us know if you require any accommodations during the recruitment and selection process by contacting accessibility@haventreebank.com

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology

Referrals increase your chances of interviewing at Haventree Bank by 2x

Get notified about new Senior Information Technology Analyst jobs in Toronto, Ontario, Canada.

Mississauga, Ontario, Canada $40.00-$50.00 2 weeks ago

Richmond Hill, Ontario, Canada 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.