Senior Specialist, Operational Risk, Cyber & Technology

About The Position

Requirements

• An undergraduate degree in computer science, information systems, business administration, commerce, economics, or related fields.
• A professional certification or designation in risk management, technology risk, or information security (e.g. CISA, CRISC, CISSP, CRA, CIA).
• A minimum of seven (7) years of experience in operational risk oversight, internal audit, or a related function, with a focus on technology and/or cyber security risk management.
• Strong working knowledge of artificial intelligence concepts, including machine learning fundamentals, model lifecycle, key risks such as bias, explainability, and data quality, and regulatory expectations.
• Strong understanding of IT frameworks and standards (NIST, ISO 27001, COBIT, etc.).
• Exceptional interpersonal and communication skills, with the ability to translate technical risk insights into clear business language for senior audiences.
• Proven project management and stakeholder engagement capabilities, with experience handling multiple initiatives with high complexity and strategic importance.

Nice To Haves

• Experience developing or overseeing risk metrics and visualization dashboards, such as Power BI.
• Demonstrated experience conducting or overseeing ITGC reviews, cyber incident response exercises, and/or cloud risk assessments.
• Familiarity with risk management practices within Federally Regulated Financial Institutions, Government or Crown Corporations, including relevant legislation and accountability frameworks.

Responsibilities

• Provide second line oversight of technology, artificial intelligence, and cyber security risks, including IT General Controls (ITGCs), change management, and system resilience.
• Offer independent challenge and expert advice on major technology initiatives, programs and incidents.
• Partner with first line (Information Technology, Information Security and 1B business teams) to support implementation of risk management practices across technology programs, including cloud transformation, system changes, and cyber resilience initiatives.
• Support oversight of incident management, threat and vulnerability management, and technology capacity risks, ensuring timely identification and escalation of key exposures.
• Review and assess Risk Acceptance Memos and security standards, providing insight and recommendations to management.
• Contribute to the development and enhancement of technology cyber risk metrics and dashboards to improve visibility and reporting to senior management and the Board.
• Collaborate across risk disciplines to integrate technology and cyber risk perspectives into broader operational risk oversight.
• Support enterprise risk training and awareness initiatives related to technology and cyber security.

Benefits

• Annual Paid vacation.
• Annual individual performance incentive.
• Defined benefit pension plan.
• Comprehensive group insurance plan to support your well-being from day one.
• Support towards your personal and professional growth with training, mentorship and more.
• An inclusive workplace culture and environment.