IT & Cyber Risk and Control Analyst

at  Questrade Financial Group

Questrade Financial Group (QFG) of Companies is committed to helping our customers become much more financially successful and secure.
We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.
This is a place where you can explore, discover and learn with continuous growth. As a diverse and inclusive place to work, there are flexible working arrangements so you can unleash your creativity and curiosity with no limits. If you share the same sense of infinite possibility, come shape your future at Questrade.
We’re looking for our next IT & Cyber Risk and Control Analyst. Could it be you?
Community Trust Company (CTC) is a member of the Questrade Group of Companies (QFG), which currently includes Questrade Inc., QuestEnterprise, Questrade Wealth Management Inc., CTC, Think!nsure Ltd., and Zolo Ventures Ltd.

What’s in it for you as an employee of QFG?

• Health & wellbeing resources and programs
• Paid vacation, personal, and sick days for work-life balance
• Competitive compensation and benefits packages
• Hybrid and flexible work arrangements
• Career growth and development opportunities
• Opportunities to contribute to community causes
• Work with diverse team members in an inclusive and collaborative environment

What’s it like working as a IT & Cyber Risk and Control Analyst at Community Trust Company?
The IT & Cyber Risk and Control Analyst is responsible for supporting the day-to-day monitoring and reporting of systems and processes for IT Risk and Control within Community Trust Company (CTC). This includes the monitoring and reporting mechanisms that highlight areas of risk exposure and opportunities for effective control of business risk arising from the use of technology. The IT Analyst operates as part of a team of under the Head of IT and Cyber for Banking and Mortgage Operations and will interfaces with other all technology, security, risk management and compliance areas at the enterprise level.
Need more details? Keep reading…

• Supports implementation and operation of the IT and Cyber Governance Framework, tools, processes, and methodologies.
• Supports collection of data on the status and performance of IT and Cyber services and initiatives to identify performance and/or control weaknesses that may lead to business risk.
• Performs analysis and aggregation of IT and Cyber performance, risk and control metrics for reporting, internal control effectiveness validation and attestation.
• Tracks remediation of identified IT and Cyber process and control gaps in the IT Risk Register working with stakeholders to maintain resolution traction and accurate reporting.
• Collects IT and Cyber Risk and Control metrics and indicators to produce dashboards and reports for management.
• Assists with or executes independently Risk and Control Self-Assessments and the review of evidence and artifacts to support self-assessment rationales.
• Works with Technology and Security Operations teams and SME to implement and operationalize process, risk and control templates, reports and metrics.
• Coordinates reporting of Operational and Cyber Resilience testing and scenario simulation exercises.
• Assists with the review or revision of policies, standards, and procedures for IT and Cyber Governance and/or Operations.
• Coordinates and supports Regulatory, Internal and/or External Audit requests for information and vetting of material provided by respective operational teams.
• Reviews and confirms completeness of incident reports and all relevant details are captured for regulatory reporting.

So are YOU our next IT & Cyber Risk and Control Analyst? You are if you…

• 1 to 3 years of hands-on information technology or security operations experience.
• Holds one or combination of CISA, CRISC, GGEIT or working towards them.
• Experience writing or updating Technology and Security procedures.
• Experience building key performance and risk indicator dashboards and reports.
• Understanding of a broad set of industry best practices (COBIT, ITIL, NIST CSF, Cloud CSC, Agile SAFE, PCI-DSS, etc.)
• Exposure to financial industry business processes.
• Exposure to enterprise and operational risk principles and practices.
• Exposure to risk scenario analysis, risk quantification and loss event data reporting.

Characteristics

• Takes ownership of tasks and drives them to completion.
• Strong written, oral communication, and interpersonal skills.
• Ability to communicate with individuals at all levels of an organization.
• Highly motivated with a mature and positive attitude towards learning new skills.
• Familiarity working with Google Workplace tools.
• Strong attention to detail and proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Competently follows specific guidelines, criteria, protocols.
• Calm and patient under pressure and thrives in a changing, dynamic, high velocity environment.
• Experience working independently and in a team-oriented, collaborative environment.
• Ability to conduct research and present insights succinctly.

Sounds like you? Click below to apply! #LI-CP1
At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. This is an environment where individuals are treated with dignity and respect. Here, the unique skills and experience you bring will be valued. You will be supported and motivated, so that you can harness your unlimited potential. Our team reflects the diversity of the communities we serve and operate in. Having a collaborative and diverse team helps us push boundaries to bring the future of fintech into existence—not only for the benefit of our customers, but for those who build their career with us.
Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs