MFCJP00011418 - Audit Manager
Apply NowCompany: Core Resources
Location: Toronto, ON M4E 3Y1
Description:
Job Summary:
The incumbent is responsible for executing and providing an objective assessment, on behalf of the 2nd in line of defense, of the risk management activities conducted by the 1st line in their duties related to the ownership of respective end to end processes, for the purpose of providing management audit services confidence that risk is properly managed by the business.
This position will directly manage 2- 5 team members at the maturity state.
Key Responsibilities:
Job Requirements:
Competencies:
The incumbent is responsible for executing and providing an objective assessment, on behalf of the 2nd in line of defense, of the risk management activities conducted by the 1st line in their duties related to the ownership of respective end to end processes, for the purpose of providing management audit services confidence that risk is properly managed by the business.
This position will directly manage 2- 5 team members at the maturity state.
Key Responsibilities:
- Lead and execute on the 2nd line information risk assurance and control testing annual plan
- Scope the assurance and control testing activity and provide day to day direction to the team members
- Perform the assurance activities in a set of capabilities listed below:
- Business continuity planning, Disaster Recovery and Crisis Management
- Technology risk management consisting of 3rd party, information classification handling and secure destruction, IT asset inventory and IT incident
- Information security management consisting of vulnerability management, network security, application security, cyber incident, mobile device security, operations security, VoIP communications, customer system authentication, logging and monitoring, cryptographic safeguard, identify and access management application penetration testing and KRI/KPI validation
Job Requirements:
- Minimum 10 years of hands on experience information security and/ or technology risk within a large enterprise
- Demonstrated experience in control testing and/ or Assurance
- University degree (Computer Science or related discipline preferred)
- Previous risk advisory consulting experience is preferred
- Sound knowledge of best practices of various aspects of information risk management and prior experience as a leader in Information Risk
- 2nd line or 3rd line of defense experience
- Sound business writing skills
- Strong competencies in collaboration, problem solving and influencing key risk decisions
- People management previous experience
- Knowledge of the regulatory environments in the U.S. and Canada
- Recognized professional designations in the information Security, Audit and Business Continuity (e.g. CISSP, CISA, CRISC)
Competencies:
- Strong communication, consulting, and influencing skills
- Problem solving, analytical, innovative and strategic thinker
- Strong stakeholder management and alignment skills
- Strong presentation and facilitation skills to all levels and audiences
- Ability to develop and maintain strong relationships
- Strong team player (collaborative)
- Strong time management and organizational skills to manage multiple tasks and changing priorities