Description:
Reporting to the Director, Technology Risk, the Technology Risk Manager is responsible for development, implementation and ongoing oversight of the risk programs under the scope of FCC Technology Risk Management. This role also provides risk advisory services and independent challenges to ensure effective risk identification, treatment and transparency. The below responsibilities are the core scope of work required for this role but could be assigned dynamically to the role based on the capacity and priorities, as well as the goals that need to be achieved for FCC business, FCC Technology and FCC Technology Risk.
- Vendor Risk Oversight - Design, implement and oversee a risk program to effectively identify and manage risks associated with FCC suppliers.
- Technology Risk Identification and Oversight - Design, implementation, and oversight of technology risk programs to effectively identify and manage FCC technology risks.
- Technology Risk Controls Assurance - Establish and oversee a technology controls assurance framework to ensure continuous effectiveness of technology controls.
- Technology Risk Measurements and Reporting - Develop and manage a technology risk metrics program that continuously monitors the key technology risks. Conduct analysis of the data, trends and provide reporting to various senior stakeholders and committees for awareness and decision.
- Risk Culture Promotion - Proactively advocate the enhancement of risk awareness, risk mindset, and improve risk management skills for FCC Technology Teams to build a robust risk culture.
- Technology Risk Management Enablement - Identify and drive changes for FCC Technology policies, processes, procedures and systems to ensure effective Technology Risk Oversight.
What We’re Looking For
- Completed University Degree specializing in Computer Science or Cyber Security, or equivalent work experience
- 5+ years’ experience in information technology risk management
- Understanding of change management, change risk, SDLC, technology ecosystem and systems development and implementation
- Understanding of cybersecurity
- Experience with Supplier/3rd Party Risk Management
- CISSP, CCSP, or CISA or other similar certification is an asset
The Skills You Bring
- Ability to work in a fast-paced environment to deadlines.
- Strong analytical skills, problem-solving ability and attention to detail.
- Effective communication skills, ability to engage with individuals at all levels.
- Capable of assimilating complex material to identify and discuss complicated concepts.
- Able to work on own initiative and develop practical solutions under pressure.
- Good knowledge of technologies, such as networking, cloud and application development.
- Good knowledge of cyber risk and information security.
- Knowledge of financial services products, processes, and industry is an asset.
- Demonstrates client centric behaviors by listening to client needs and ensuring a seamless valuable experience.