Canadian Western Bank

Sr Governance, Risk, and Compliance Analyst

PayCompetitive
LocationToronto/Ontario
Employment typeFull-Time

This job is now closed

Apply to similar jobs

  • Job Description

      Req#: R7477

      At CWB, we strive to build value for the people who choose us every day: our people, our clients and our investors. We do this by:

      • Putting people first and building relationships with intention

      • Seeking out and embracing new ideas

      • Believing that how we do things is as important as what we do

      Role Specifications

      Location: Edmonton, relocation is required

      CWB Corporate

      Put a new spin on your banking career

      The overwhelming majority of our employees say CWB is a Great Place to Work®

      We’re different from the big banks in the way we engage our employees - caring, responsive, and armed with an obsession for growing talent. Our reputation is powered by a people first culture that ensures our employees be and feel heard, promotes inclusivity and diverse viewpoints, and inspires collaboration and innovation.

      Our employees love CWB. You’ll love it here too.

      The opportunity

      The Snr GRC Analyst’s primary responsibilities relate to the oversight and coordination of the governance, risk, and compliance components of the CWB Group Information Security Management System (ISMS). The Snr GRC Analyst will be responsible for developing and maintaining the control framework and will recommend, develop, and maintain appropriate information security controls/policies, procedures, standards, and guidelines. The Snr GRC Analyst will conduct and document threat and risk assessments, assist in the delivery of Cyber Security Awareness content, and will perform Incident Response activities.

      Areas of focus

      Accountability #1

      • Creation of information security objectives, develop and maintain security metrics and effectiveness testing relating to the ongoing measurement of the ISMS.

      • Support annual compliance audits including the Interac Compliance Program, PCI Compliance, internal and external audits and the creation and governance of the action plans to correct situations of non-compliancy.

      • Lead effort to assess, evaluate, and make recommendations regarding the adequacy of the security controls for CWB Group’s information technology systems and infrastructure with respect to the confidentiality, integrity, and availability of CWB Group data.

      Accountability #2

      • Write and maintain information security policy documents and execute the sign-off, ongoing maintenance, and annual review process.

      • Facilitate threat and risk assessments in a workshop setting with business stakeholders, document risk, understand and model threats, and recommend relevant risk treatment and remediation strategies. Perform ongoing maintenance of the ISMS risk register.

      • Analyze and investigate threats to the CWB Group computing environment through monitoring, intrusion detection, conducting investigations on all cyber security incidents and data breaches, and coordinating incident response efforts.

      • Maintain the vulnerability management program by assisting in the identification of known vulnerabilities on information assets and providing recommendations in the form of remediation action plans.

      • Ongoing research to stay informed of industry cyber security threats, trends, and development.

      Accountability #3

      • Coach and mentor less senior team members.

      • Assist AVP, GRC on initiatives when requested.

      • Lead projects as assigned.

      Successful incumbent

      Education

      • College diploma or university degree in the field of Computing Science

      • Desired: (ISC)2 Certified Information Systems Security Professional (CISSP)

      Professional Experience

      • Minimum of 5 years related information security experience or a minimum of 7 years equivalent experience.

      • Applicable experience with information security technologies including GRC technology platforms, Security Incident and Event Management (SIEM) systems, network and application firewalls, intrusion prevention, web proxies, encryption, vulnerability management, public key infrastructure (PKI), malware prevention.

      • Experience with enterprise technology infrastructure, application security, database security, and information systems auditing.

      • Experience with the financial services industry is considered an asset.

      Personal Competencies

      • Strong familiarity with information security frameworks and standards including ISO 27001, COBIT, NIST Cyber Security Framework, Payment Card Industry Data Security Standards (PCI DSS), Open Web Application Security Project (OWASP).

      • Familiarity with information risk management frameworks including OCTAVE Allegro, Information Security Forum’s IRAM2, TRA-1 Harmonized Threat and Risk Assessment Methodology.

      • Knowledge of privacy and information security related legislation. Exceptional written, verbal, listening, and interpersonal skills.

      • Fluent in English.

      • Familiarity with the Information Technology Infrastructure Library (ITIL) IT service management framework.

      • Ability to use critical judgement to make decisions and solve problems involving various levels of complexity, ambiguity, and risk.

      • Good analytical skills and a strong attention to detail.

      Why work with us?

      Your success is our obsession! And our award-winning culture & benefits back it up.

      Proudly recognized by Great Place to Work® in 2023 as one of Canada’s top 50 Best Workplaces & recipient of Waterston Human Capital’s Most Admired Corporate Culture 2023.

      Wellness matters . We offer an award-winning benefits package that includes:

      • Hybrid work environments

      • Everyday flexibility

      • Generous company-funded health coverage

      • Health care spending account

      • A flexible wellness program

      • generous time-away options to unplug, rest & recover

      Career development. We commit to our employees’ development and help them reach their professional goals with:

      • Organization wide coaching services

      • Mentorship

      • Education support & training programs

      Bring your whole self to work. Inclusion is a journey requiring practice & experience to result in a powerful outcome. Your perspective matters & voice will be heard. Find community within the CWB family in our employee represented groups.

      #LI-EH1

      IND-EH

      As an equitable employer, CWB Financial Group is committed to providing a safe and inclusive environment where a diverse workforce thrives. You are welcomed and encouraged to bring your whole self to work. Dignity, respect and equality are non-negotiables. If you require accommodation during any part of the recruitment or selection process, please reach out.

      Closing Date:

      * Position closes at 12:01am on the close date identified below.

      02/28/2024

  • About the company

      Canadian Western Bank, also operating as CWB Financial Group, is a Canadian bank based in Edmonton, Alberta.

Other job opportunities

remote senior security compliance analyst
data governance jobs remote
remote compliance jobs
remote credit risk management careers pittsburgh
third party risk management jobs remote
More information about Canadian Western Bank