AddressBeing a traditional bank just isn’t our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what’s possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing things. If you’re not afraid of taking on big challenges and redefining the future, you belong with us. You’ll get to work with people who will encourage you to reach new heights. We like to keep things fun, ask questions and learn together. We are a big (and growing!) family. Overall we serve more than 370,000 people across Canada through Equitable Bank, Canada's Challenger Bank™, and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than 5 million members. Together we have over $100 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our EQ Bank platform (eqbank.ca) has been named the top Schedule I Bank in Canada on the Forbes World's Best Banks 2023, 2022, and 2021 lists.
Purpose of the JobIn this role, you will play a pivotal part in ensuring the maintenance of governance and compliance documents, managing our control library, and supporting various audit and assessment activities. Your primary responsibilities will include tracking and documenting security exceptions, aiding in internal and external audits, and supporting the due diligence process for third-party onboarding. Additionally, you will contribute to annual PCI-DSS activities and play a key role in the tracking and reporting of team metrics.
Main Activities:
- Support the maintenance of governance and compliance documents.
- Manage the control library to ensure up-to-date and accurate information.
- Provide support for the security exception process by documenting, tracking, monitoring, and continuously reporting of security exceptions.
- Capable of supporting quantitative analysis on security exception requests.
- Assist in internal and external audits by gathering and organizing evidence.
- Follow up on audit activities to ensure timely resolution.
- Support the due diligence process for third-party onboarding activities.
- Manage security risks for assigned portfolio to ensure that action/mitigation plans are defined and actioned in-time.
- Escalate outstanding risks as required.
- Assist in running annual PCI-DSS assessment activities.
- Play a vital role in tracking and reporting team metrics.
- Actively contribute to the continual improvement of security governance, risk, and compliance.
- Participate in activities to identify improvements, including internal measurement practices, security practice reviews, and internal/external audits.
- Stay current on the cyber security threat landscape, including the latest attacker tactics, techniques and procedures, and the controls that may serve as effective countermeasures.
Knowledge/Skill Requirements:
- A college diploma or university degree is required. Higher accreditation (e.g. Bachelor of Computer Science) is preferred.
- Minimum of 5 years of relevant work experience.
- Hands on experience in supporting internal and external audits.
- Relevant certifications in governance, risk, and compliance are preferred.
- The following certifications are preferred: CCSP, CCSK, CISM, CISSP, or CRISC.
- Solid understanding and experience with PCI DSS.
- Solid understanding of security threats and the security practices that are employed to defend against those threats.
- Experience working in a banking or financial services environment is an asset.
- Familiarity with security metrics and quantitative analysis tools (FAIR, Monte Carlo Analysis).
- Reporting to and responsible for supporting the Cyber, Governance and Compliance manager and indirectly to the Chief Information Security Officer.
- Makes decisions independently and contributes to the overall long-term performance of the security team.
- Accountable for the day-to-day operations and performance within the Cyber Governance, Risk and Compliance domain.
- Prioritize multiple competing priorities within restricted time constraints.
- Decisions made by the incumbent impact on the security of the bank.
- The incumbent will be required to work with suppliers who provide solutions, services and/or support to the bank.
Accountability:
The incumbent will be working hybrid and in office time will be spent working from Equitable Bank’s additional office space located at 351 King Street East, Toronto, ON. Equitable Bank is deeply committed to inclusion. Our organization is stronger and our employees thrive when we honour and celebrate everyone’s diverse experiences and perspectives. In tandem with that commitment, we support and encourage our staff to grow not just in their career path, but personally as well.
We commit to providing a barrier-free recruitment process and work environment for all applicants. Please let us know of any accommodations needed so that you can bring your best self to the application process and beyond. All candidates considered for hire must successfully pass a criminal background check and credit check to qualify for hire. While we appreciate your interest in applying, an Equitable recruiter will only contact leading candidates whose skills and qualifications closely match the requirements of the position. We can’t wait to get to know you!
