Group Risk Specialist - 2LoD Controls Testing and Oversight

About The Position

Requirements

• Undergraduate degree or technical certificate
• 7+ years relevant experience
• Advanced knowledge of risk management governance, programs, policies, practices, operating frameworks & reporting for business supported and/or area of discipline
• Knowledge of risk management environment, standards, regulations and mitigation
• Knowledge of current and emerging competitor and market trends
• Ability to establish goals and objectives which support the strategic plan
• Ability to lead, plan, implement, and evaluate program/project activities to ensure completion of initiatives
• Skill in mentoring and coaching
• Advanced skill in using analytical software tools, data analysis methods and reporting techniques
• Skill in using computer applications including MS Office
• Ability to communicate effectively in both oral and written form
• Ability to work collaboratively and build relationships across teams and functions
• Ability to work successfully as a member of a team and independently
• Ability to exercise sound judgement in making decisions
• Ability to analyze, organize and prioritize work while meeting multiple deadlines
• Ability to handle confidential information with discretion
• Bachelor’s degree required
• 7+ years of experience in risk management, internal audit, controls testing, compliance, or a related field within financial services
• Ability to interpret guidelines, standards, policies, and analytical results to inform senior-level decision-making
• Ability to work with large datasets and perform data analytics (e.g., trend analysis, anomaly detection, sampling)
• Strong attention to detail, with the ability to identify root causes of issues and observations
• Strong analytical and organizational skills, including the ability to manage multiple priorities and deadlines
• Confidence and judgment to challenge the status quo and engage in constructive challenge when needed
• Strong written and verbal communication skills; ability to build and maintain effective working relationships with cross-functional teams

Nice To Haves

• Advanced degree and/or relevant certifications (e.g., CRISC, CISA, CIA, CPA, FRM, CFA) preferred
• Hands-on experience with Microsoft Copilot and other generative and agentic AI tools to automate and improve processes
• Experience with any of the following reports is a plus: FR 2052a, US LCR, US NSFR, FR Y9C, Call Report, FR Y-15, FR Y14-Q/M, FR Y-14A (CCAR, DFAST)
• Business Banking experience is an asset

Responsibilities

• Lead 2LOD testing of business and technology controls, including scoping, planning, execution, documentation, and issue tracking/reporting
• Execute independent testing in the following areas: Control Design & Operating Effectiveness, Transactions Testing, Data Reconciliations, Logic Reperformance, Data Profiling/Analytics, End-User Computing (EUC) Review, Policy & Procedure Review, Governance/Oversight, and Regulatory Rule Compliance
• Identify opportunities to streamline and automate controls testing (where appropriate), including through the use of generative AI, agentic AI, and RPI
• Proactively identify and assess risks; escalate to management as needed; confirm findings and drive action plans to mitigate and manage risks
• Determine testing approach, including frequency, scope, key data element selection, sampling methodology, and test procedures in alignment with the 2LOD testing framework
• Support the maintenance of the testing inventory and update the testing universe and plans based on the regulatory landscape and changes in the internal risk profile
• Partner with business and technology stakeholders to review key controls, identify potential control gaps, and agree on remediation plans
• Evaluate processes and controls and connect themes across issues/deficiencies to improve standardization of solutions, processes, and controls
• Monitor emerging issues, trends, and evolving regulatory requirements; assess impacts; and recommend actions to management
• Manage deliverables and timelines and provide proactive status updates to management
• Leads the development and/or implementation of specific standards, policies and/or processes that identify, report on and mitigate operational (or all major) risk exposures within the business
• Proactively analyzes potential risks and ensures escalation of key risks to appropriate areas and/or executive review with business executive findings and action plans to mitigate and manage these risks
• Establishes and provides on-going analysis and reporting on operational risk and/or other major risk categories as applicable to own business or functional area, and reviews findings and action plans with business leaders to mitigate and manage key issues
• Coordinates and/or guides activities relating to core operational risk disciplines/programs including, Risk & Control Self-Assessment, Business Continuity Management, Outsourcing & Vendor Management, Regulatory Compliance (e.g. CDIC, AML, Privacy, IDA, CBA, SOX, Basel etc.)
• Supports enterprise-wide operational risk escalation, review and approval processes, data management, policies and risk assessment processes
• Directs the development and monitoring of Key Risk Indicators and facilitate communication and resolution of risk issues among other business segments where applicable
• May be accountable for managing ancillary operational risk areas (e.g. BCM/incident management, outsourcing/vendor management, fraud aggregation and assessment, Basel implementation/capital analysis, change management, Privacy, AML, LCM and other regulatory issues), in addition to core functions
• May be responsible for providing support for other major risk areas (e.g. Market, Credit, Reputational and/or Regulatory risks etc.)
• May be a point of contact for guidance in the monitoring/reporting of compliance, management, and strategic initiatives
• Provides broad/deep commentary in support of the development/maintenance/oversight of policies/procedures/practices, as required
• Adheres to enterprise frameworks or methodologies that relate to activities for our business area
• Ensures respective programs/policies/practices are well managed, meet business needs, comply with internal and external requirements, and align with business priorities
• Consistently exercises discretion in managing correspondence, information and all matters of confidentiality; escalates issues where appropriate
• Ensures business operations are in compliance with applicable internal and external requirements (e.g. financial controls, segregation of duties, transaction approvals and physical control of assets)
• Participates in cross-functional/enterprise/initiatives as a subject matter expert helping to identify risk/provide guidance for complex situations
• Conducts internal and external research projects; supports the development/delivery of presentations/communications to management or broader audience
• Conducts meaningful analysis at the functional or enterprise level using results to draw conclusions, make recommendations and assess the effectiveness of programs/policies/practices
• Monitors service, productivity and assesses efficiency levels within own function and implements continuous process/performance improvements where opportunities exist
• Leads/facilitates and/or implements actions/remediation plans to address performance/risk/governance issues
• Actively manages relationships within and across various business lines, corporate and/or oversight functions and ensures alignment with enterprise and/or regulatory requirements
• Keeps abreast of emerging issues, trends, and evolving regulatory requirements and assesses potential impacts
• Maintains a culture of risk management and control, supported by effective processes in alignment with risk appetite
• Participates fully as a member of the team, supports a positive work environment that promotes service to the business, quality, innovation and teamwork and ensures timely communication of issues/points of interest
• Provides thought leadership and/or industry knowledge for own area of expertise in own area and participates in knowledge transfer within the team and business unit
• Keeps current on emerging trends/developments and grows knowledge of the business, related tools and techniques
• Participates in personal performance management and development activities, including cross training within own team
• Keeps others informed and up-to-date about the status/progress of projects and/or all relevant or useful information related to day-to-day activities
• Contributes to team development of skills and capabilities through mentorship of others, by sharing knowledge and experiences and leveraging best practices
• Leads, motivates and develops relationships with internal and external business partners/stakeholders to develop productive working relationships
• Contributes to a fair, positive and equitable environment that supports a diverse workforce
• Acts as a brand ambassador for your business area/function and the bank, both internally and/or externally

Benefits

• base salary
• variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan)
• health and well-being benefits
• savings and retirement programs
• paid time off (including Vacation PTO, Flex PTO, and Holiday PTO)
• banking benefits and discounts
• career development
• reward and recognition