17 Apr
|
Haventreebank
|
Toronto
17 Apr
Haventreebank
Toronto
Apply on Kit Job: kitjob.ca/job/2fshdi
Haventree Bank is a private Canadian Schedule 1 bank specializing in alternative mortgage programs and insured GIC deposits. We help hardworking Canadians from coast-to-coast achieve homeownership by offering flexible mortgage solutions. Our insured GIC deposits offer competitive rates and are available through a variety of wealth management platforms.
About Haventree Bank
Headquartered in Toronto, Ontario, Haventree Bank (Haventree) is a mission driven alternative mortgage lender. The name Haventree is representative of the bank’s mission to help its customers find a place of refuge and to lay down current roots for the future. Haventree exists to be a catalyst of financial security and upward mobility for Canadians who are underserved by the traditional financial system.
Position Summary:
Reporting to the Sr Manager, Operational Risk Management, the Sr. Analyst, IT Risk Oversight is responsible for the effectiveness and enhancement of Haventree Bank’s ORM framework, including and not limited to managing the IT risk and governance frameworks, Risk and Control Self Assessments (RCSA), BIAs, & BCP. This role ensures that operational risks are identified, assessed, mitigated, and monitored in accordance with regulatory requirements and industry’s best practices. The role includes a combination of project initiatives, policy and framework development, risk assessment, review, monitoring and other program development initiatives and oversight. This role works closely with technology, compliance, and operations teams to maintain an integrated Governance, Risk & Compliance (GRC) discipline in the organization.
Your expertise in people, processes, and technology in the evaluation of operational risk will be greatly valued in the on-going assessments of operational risk. Your technology background allows a peer-to-peer dialogue around Cyber security risk and the regular assessment of our Cyber security resiliency.
Major Duties & Responsibilities:
Provides oversight of the technology risk management and governance framework.
- Provides oversight and effective challenge to the work being performed by the 1st line.
- Operates as part of the Risk Management team and acts as the subject matter expert on all Technology-related matters within the department, collaborating regularly with Enterprise IT & Cyber Governance.
- Responsible for the independent design, execution and oversight of technology risk assessments, control testing, and validation of IT and cybersecurity controls.
- Conducts appropriate independent review and challenge of risk and control assessments.
- Requires a strong technical background to critically evaluate and challenge the design and effectiveness of 1st line of defense IT risk management practices, and to analyze overall Information Technology performance, risk metrics, and control effectiveness against established standards, policies, and regulatory requirements.
- Partners with the first line of defense for risk assessment and reporting activities.
- Identifies, investigates, and escalates top and emerging risks of the organization.
- Provides effective second-line oversight on technology operations, cybersecurity controls, and incident management.
- Independently reviews and assesses the handling of security incidents, ensuring appropriate response and remediation actions.
- Monitors and analyzes key IT risk indicators (KRIs) and metrics to identify emerging trends and potential control weaknesses.
- Analyzes data and highlights significant information including variances, trends, key risk indicators, opportunities, and exposures.
- Designs, develops, and implements risk reporting solutions to meet management requirements.
- Designs and implements the annual business continuity planning and testing exercise.
- Provides information and supports the internal and external audit processes.
- Contributes to the implementation of ORM best practices throughout the organization.
- Ensures IT compliance with relevant laws, regulations, and contractual obligations,
including OSFI guidelines (e.g., E-21, B-13, B-10) and other applicable financial industry regulations.
Qualifications & Experience:
Degrees, Diplomas & Certifications:
The position requires a university degree with a focus in one or more of:
- Risk Management or Information Technology related fields.
Years and Range of Experience Required to Perform the Job:
- The position requires a minimum of 5 years work experience in a Risk Management or IT Risk Governance role.
- Holds one or a combination of CISA, CRISC, CGEIT, CISM or working towards them.
- Understands a broad set of industry best practices (COBIT, ITIL, NIST CSF).
- Have experience in a Technology Risk Management, Technology Governance or IT Audit / Quality Assurance role within the financial services industry
- In-depth knowledge of risk management frameworks and methodologies.
- Have in depth experience building, maintaining and reviewing risk and control frameworks and their inputs.
- Have experience building, reviewing, or challenging key performance indicators ("KPI") and key risk indicators ("KRI").
- Demonstrated ability to deal comfortably with all levels of both internal and external contacts with a friendly, professional attitude.
- Excellent communication and collaborator leadership skills, with the ability to influence and work with senior leadership, technical teams, and other collaborators.
- Background in retail banking, residential mortgage lending, or financial services for an OSFI regulated Financial Institution is preferred.
- The position requires strong written and verbal communication skills and exceptional organization and time management skills.
While we thank everyone for their interest in Haventree Bank, please note that only candidates selected for an interview will be contacted. Haventree Bank is committed to providing accommodation when needed. If you require an accommodation, we will work with you to meet your needs.
Haventree Bank embraces equal opportunity, diversity, and inclusion. Please let us know if you require any accommodations during the recruitment and selection process by contacting
#J-18808-Ljbffr
Apply on Kit Job: kitjob.ca/job/2fshdi
📌 Sr. Analyst, IT Risk Oversight (Toronto)
🏢 Haventreebank
📍 Toronto