Senior Manager IT Regulatory Compliance

About The Position

Requirements

• BA or Postgraduate degree or LL. B with a minimum of 5 years of relevant combined experience in Compliance, Legal or other Control Functions (Audit, Risk, etc.)
• Strong knowledge in regulatory and industry frameworks, guidelines and standards governing the management of technology systems and information security (OSFI, COBIT, NIST, ITIL etc.)
• Experience in interpreting Information technology and security regulatory rules is an asset.
• Great relationship manager and collaborator with solid communication (verbal/written) skills in English.
• Possess at least 5 years of demonstrated hands-on experience with risk management, governance, control or audit function.
• Keen on keeping current with emerging trends, best practices, directions and issues in information technology and security and global regulatory developments.
• Demonstrate can-do spirit and resilience with a good sense of urgency to deliver.

Nice To Haves

• A Law degree would be a strong asset.
• The same in Spanish is a strong asset.
• A Bachelor’s Degree and work experience in IT Risk, IT governance, 3rd party risk management, Information security or IT operations environment, or in a governance function related to Software Development, Infrastructure Operations, Information Security will be a strong asset.
• Relevant certifications of or active pursuit for Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) are desirable.

Responsibilities

• Identify regulatory obligations and controls according to the technology compliance risk domain(s)assigned to you. This will require working with technology and security Risk Owners across Technology and Digital Banking Senior Vice Presidents (SVPs), Chief Information Officers (CIOs), and Chief Information Security Officer (CISO) & SVP Information Security & Control teams.
• Collaborate and work closely with Business Lines (BLs)/Corporate Function (CFs) partners and technology teams to document controls and map to the technology obligations embedded in business specific regulations for enterprise-level controls.
• Proactively maintain the regulatory library on an ongoing basis by updating the obligations as well as related control documentation and accurate mapping of the correct controls to the obligations.
• Regularly assess inherent risk, control strength and evaluate residual risk.
• Work actively with the global team of risk professionals to develop a technology and security control testing methodology and develop/identify the right tools to assist the execution of testing activities.
• Create and maintain effective reporting and analytics on the compliance measures to monitor and drive compliance gap remediation.
• Proactively identify opportunities to improve effectiveness and enhancements of risk identification and management policies and processes.
• Partner with other risk groups and contribute to the ongoing update and enhancement of controls, frameworks, policies, risk indicators and metrics.
• As needed, collaborate and appropriately challenge the technology and security teams in the assessment of the effectiveness of controls to mitigate regulatory obligations as well as the remediation of control gaps.
• As needed, coordinate with technology and security teams and the testing team to develop and execute testing activities.

Benefits

• performance bonus
• company matching programs(pension & Employee Share Ownership)
• generous vacation
• health/medical/wellness benefits
• employee banking privileges