Sr. IT Risk Specialist -

Interview Process: potentially up to 2 interviews.

Work Location: 160 Front Street West

Hybrid- 2 days per week minimum, an additional could come up due to business needs. Wednesday is the anchor day.

CANDIDATE PROFILE DETAILS:

Degree/Certifications Required: CRISC certification or equivalent experience.- Must have

CISA certification or equivalent experience.- Preferred

CISSP certification or equivalent experience a plus. – Nice to have

Years of experience: 10 years plus exp.

Reason for request/why opened: Backfilling

% Interaction with Stakeholders: high amount! Will be up to executive level interaction.

Project Scope: BAU role.

Best Vs Average Candidate:

Proficiencies in security information frameworks

Exp w/ governance, risk and compliance.

Extremely strong communicator- verbally and written.

Job titles that are relevant- BISSO, TCO,

Need to be able to do QA assessments – remediation of risk, controls effectiveness testing (critical for the role). Exp, PCI compliance, HIPPA, SOX testing.

Ability to handle stressful situations

Ability to pivot and be flexible- every day is different in this role

A Key team player and contributor. Someone who can take ownership. Someone who doesn’t need constant direction, self-manage and takes initiatives. Ability to take the lead on assignments.

Understanding of finding closure and/ or remediation packages- have produced or reviewed them.

QA on RFI’s (Audit and regulatory specific)- process regulator (having an understanding and experience reviewing them prior to submission).

Understanding of Reporting, understanding data and how that translates to the business. Proficiency in excel is important.

Someone that has experience pulling together governance related data and visualization/risk insights. Interpret and translate the data.

How will performance be measured: Verbal performance feedback and deliverables in the role.

Must have skills:

• 10+ years as an IT Risk Specialist with relevant experience in governance, risk and compliance management within regulated industries.
• Information Security or technology risk and controls background in a financial industry a plus.
• IT governance experience in information security and controls risk frameworks (i.e., ITIL, NIST, COBIT).
• Knowledge and experience with various lifecycle methodologies / frameworks, i.e., Agile, Project Management, IT Processes, Risk Management frameworks and process / operations.
• Knowledge and experience with various technology tools including, but not limited to, RSA Archer, JIRA, Confluence, Sharepoint, MS Office, Excel.
• CRISC certification or equivalent experience.- Must have
• University degree or relevant field / equivalent experience.

Nice to have skills

Exp or knowledge with AI- Co-Pilot, Power BI and Automate.

CISA certification or equivalent experience.- Preferred

CISSP certification or equivalent experience a plus. – Nice to have