Architect, Cyber & Technology Risk
Job Overview
Job title: Architect, Cyber & Technology Risk
Job description: Help us boldly shape retail in Canada
Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. With world-class Owned Brands and exciting market-leading merchandising strategies, we are continually innovating with purpose: to be there for Canadians from coast-to-coast. We are relentlessly focused on innovating at every level of our business, investing in new technologies and products, and doubling down on the best talent to drive the company forward. It is an especially exciting time to join Canadian Tire and its group of companies.
The Architect, Cyber & Technology Risk supports the Manager in identifying and reporting on cyber and technology risk as part of Canadian Tire Bank’s enterprise risk management program. This is a second line of defense role which will review current cyber security practices and strategies across the Bank to assess the level of cyber risks and adequacy of mitigation activities. Using your strong relationship management and analytical skills, you will work with business partners across the Bank to establish robust processes for identifying, assessing, managing, monitoring and reporting on cyber and technology risks.
What you’ll do
Reporting to the Manager, Cyber and Technology Risk Management, contribute to the assessment and reporting of risks on security controls, design, architecture and implementation
Work closely and collaborate with various teams of Security Architects, Subject Matter Experts, Cyber Intelligence and other IT teams to address identified gaps in technical security capabilities, and to improve security controls, processes and standards
Participate in Information Security risk assessments and provide remediation recommendations where required
Research and understand current as well as emerging security threats, technology advancements, trends and directions for the security platform in the Banking and Retail industries
Perform analysis and assessment of solution design of information and technology security controls and infrastructure
Provide technical leadership, security consulting and oversight to first line operational and project teams
Make recommendations on risk reduction and mitigation strategies for security controls, processes, and architecture
Provide second line oversight, review and assess design of security performance and overall security architecture for projects and new initiatives consisting of security technology upgrades and infrastructure solutions for a wide range of business needs to ensure risks are identified for mitigation
Understand and review key performance indicators, measures and dashboards of all cybersecurity and technology controls across the bank
Review and support the implementation of the projects, processes and controls as outlined in the cyber risk policy and related operating directives, standards and procedures,
Assist in the oversight and monitoring of the cyber risk activities performed by the business units
Oversight and monitoring of third-party service providers risks assessments for cyber risks, and ensure consistent compliance with the cyber risk policy while escalating any concerns,
Prepare cyber risk management reporting leveraging your cyber risk subject matter expertise,
Support the development of risk metric trending and reporting to continually improve cyber risk management processes,
Develop and maintain methodologies for assessing and reporting on technology resiliency of the organization’s most valued assets,
Create and maintain risk profiles based on the organization’s cyber risk appetite
Promote a culture of cyber risk awareness with CTB stakeholders.
What you bring
University or College Diploma in Information Systems or equivalent practical experience in Computer Science, Engineering, or a related discipline
5+ years IT infrastructure or cyber security experience, 2+ of those at a senior level with related security architecture and risk management experience, preferably at a Canadian financial institution
Expert knowledge of cyber security trends, technologies, and their applicability to the Canadian Financial industry
Experience in Enterprise Security Architecture and technical Risk Management in large organizations
Strong understanding of the principles and techniques of security risk analysis, and NIST 800-53 controls and other industry leading cyber security frameworks for identifying and managing cyber security risk (eg. NIST, ISO, NERC CIP, ISA/IEC etc.)
Understanding/experience interacting with regulatory banking governance Regulations (such as OFSI or FCAC).
Familiarity with PCI DSS Issuer vs Merchant operating environments
Demonstrated ability to understand business requirements and recommend security solutions to meet risk reduction objectives
Knowledge of, or hands-on experience with, various security technologies such as VPN, vulnerability management, PKI, key management, IDAM, DLP, UEBA, SIEM, endpoint security, threat intelligence
Strong technical knowledge within the security environment including installation, administration, performance analysis, capacity planning, systems management integration, network technologies, hardware platforms and operating systems with an understanding of security requirements through an entire technology stack
Ability to adapt in a dynamic work environment and make independent decisions
Industry recognized certifications such as CISSP, CRISC, CEH, CCSE, CCSP, CISM and CISA considered an asset
Strong analytical skills and attention to detail
Ability to prioritize and manage multiple tasks in an environment with competing priorities
We are looking for high performing individuals who are:
Agile and innovative individuals who can work in an environment of change and ambiguity to help us take bold and strategic moves in this rapidly evolving risk environment
Creative thinkers who take initiative and work both collaboratively and independently.
Problem solvers with the ability to analyze and prioritize to meet business objectives,
Team players with superior influencing skills, who build relationships easily across various stakeholder groups to move initiatives forward.
If you’re curious, ready to take on new challenges and open to doing things differently to help us evolve rapidly, then this is the place to be.
About Canadian Tire Corporation
As one of the most trusted brands in Canada, our employees take pride in the work we do across the country. It’s more than the iconic triangle that keeps our employees around. From benefits and perks, to learning and development opportunities, to our commitment to Jumpstart – these are some of the many reasons why Canadian Tire Corporation is one of . To learn more follow us on .
#LI-CA2
Company: Mark’s
Expected salary:
Location: Oakville, ON
Job date: Wed, 15 Dec 2021 04:20:03 GMT
Job Source: Careerjet.ca