Senior Manager, ORM - Technology & Cyber Security
About The Position
We are currently looking for a Senior Manager, ORM & IT Cyber Security, reporting to the Director, ORM to oversee the Technology and Cyber Security programs at PCF. Within PCF’s second line, the successful candidate will independently challenge how Technology and Cyber Security risks are managed by the first line and will have the opportunity to enhance and influence the Technology & Cyber Security risk practices and controls implemented. In this role, the incumbent will also work with various internal stakeholders including Senior Management Team and associated vendors/third party arrangements to assess the Technology and Cyber Security risk practices, identifying areas for improvement.
Requirements
- Hands on experience leading a team of control testers, driving continuous improvements, and building effective working relationship with 1st line typically gained through Internal Audit or consulting related roles
- Working knowledge of Technology Risk and Cyber Security control frameworks (e.g. NIST, COBIT, ISF, ISO 27001/5, COBIT) and associated OFSI regulations (e.g. B13, B10 & E21) typically gained by having a professional certification (eg. CISSP, CRISC, CISM) and previous financial service industry experience
- Proven experience in identifying control gaps and effectively challenging the 1st line
- Recognized for taking initiative and delivering quality work with special attention to details
- Known for interpersonal and communication skills that cultivate positive working relationships
Responsibilities
- Own the Technology & Cyber security Risk and Control Assessments (RCAs) related to key areas such as: Technology Operations, Cyber Security, Access Management, Change Management, Disaster Recovery and Cloud, to deliver meaningful insights to the leadership, meet regulatory expectations (e.g. B13, B10 & E21) and challenge potential gaps
- Drive on-going monitoring and reporting of open technology and cyber security related issues with first line and escalate any delays to leadership
- Establish on-going processes to collect and independently validate Technology and Cyber Security data for risk appetite metrics reporting
- Participate in key vendor meetings, identifying gaps in the vendor’s cyber programs and working with the vendors to remediate and assist in vendor security governance process, including annual assessments, ongoing monitoring, site visits, and due diligence
- Deliver advisory support to 1st line for technology and cyber security project risk assessments and assess operational risks introduced as part of new initiatives or changes to existing technologies
- Build collaborative working relationships across Technology teams, Enterprise Risk Management, Compliance, Internal Control Compliance and Internal Audit teams.
Benefits
- Accommodation is available upon request for applicants and colleagues with disabilities.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
