Information and Security Control Risk Manager

  • Location: Toronto, Ontario
  • Type: Contract
  • Job #4339

JOB DESCRIPTION

Location: Remote as of now, might change in future (Downtown, Toronto)
Duration: 6 months (possibility of extension, conversion to full time employee)

Our client, a leading financial institution in Downtown Toronto is looking for an Information and Security Control Risk Manager to monitor, analyze, and report on cybersecurity requirements against relevant regulations and standards, such as NYDFS, FFIEC, and NIST CSF, while taking a risk-based approach. The successful candidate will have the opportunity to work with one of the Top 5 Banks in Canada.

Typical Day in role:

  • Dedicated and detail-oriented cybersecurity professional with a strong background in regulatory compliance
  • Continuously monitor and assess the effectiveness of security controls and processes
  • Perform the information security compliance tasks such as ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations
  • Perform control assessments against enterprise cybersecurity frameworks and bank’s standards
  • Track, manage, and report on any internal or external cybersecurity-related issues

Must-Have Skills:

  • 5+ years of experience in related cybersecurity technical background and exposure to cloud technologies (Azure, Google)
  • 3+ years of recent project experience with security governance, policies, cybersecurity frameworks, security standards, and regulatory compliance
  • 3+ years of experience with and strong knowledge of security controls/mechanisms (gap analysis)
  • Intermediate Excel skills (V-lookups, macro, etc.)

Nice-To-Have Skills:

  • Experience with risk assessment techniques pertaining to complex data, application, and networking environments
  • Information security related certification (such as Security+, CISA, CISM, CISSP)
  • Recent relevant Financial Industry Experience

Soft Skills Required:

  • Excellent communications and written skills
  • Comfortable putting together and presenting risk reporting to a US IS&C management
  • Candidate must be a team player and may be required to assist other team members in other security and IT risk tasks, as needed
  • Ability to manage assigned tasks and expectations without direct instruction or oversight
  • Fast, adaptable learner who can hit the ground running
  • Ability to work well under pressure while demonstrating strong professionalism
  • Willingness to learn new technologies and security-related information

Education:

  • Bachelors degree in related Cyber/ IT field or relevant experience

Finance professional is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. We advocate for you and welcome anyone regardless of race, color, religion, national origin, sex, physical or mental disability, or age.