Contract Period: 12 months with potential to extend or convert
Location: Toronto, ON
Location Type: Hybrid; Onsite twice a week
Business Hours: Monday to Friday; Core Business Hours
Must have :
Regulatory and Risk exp
Audit project exp
General risk technology exp
Nice to have :
Provide leadership for the provision of technical expertise in development and support of activities, processes, procedures and tools for protecting information security with a focus on application security Research, design and implement application security solutions and practices. Direct testing of security plans. Lead the evaluation of new and proposed security systems and technologies. SKILLS: - Knowledge of IT standards and procedures. - Knowledge of process and tools for assuring adherence to standards. - Thorough knowledge of existing and planned infrastructure security platforms and architecture components
Risk & Control Examinations
- Oversight and coordination of multiple control examinations (project and IT audits, SOX audits - in coordination with the SOX specialists, regulatory examinations, compliance assessments, etc.) to ensure audits and reviews are planned adequately and completed on time.
- Holistic understanding of the portfolio of findings, including audit, regulatory, compliance, gap assessment, self-identified findings, and understanding of the progress towards remediations to ensure challenges and remediation risks are understood, communicated, and addressed by the finding owners.
- Work with finding owners to help them develop adequate responses and remediation plans, ensure identified control gaps will be properly mitigated and/or adequate remediation plans will be developed.
- Work with finding owners to ensure findings are closed and pass the various finding resolution review stages, such as PTACC and audit finding closure process.
- Ensure adequate representation in various committees such as PTACC or Quarterly Audit Updates, TS/Platforms risk management meetings.