Senior GRC Analyst to help implement a IRM ServiceNow GRC tool with one of our major banking clients- 37806

Senior GRC Analyst to help implement a IRM ServiceNow GRC tool with one of our major banking clients- 37806

Location Address: Toronto - hybrid - onsite 4x/week

Contract Duration: 6 months (Possibility of extension & conversion to FTE)

Schedule Hours: 9am-5pm Monday-Friday; standard 37.5 hrs/week (Possible OT)

Story Behind the Need

Business group: IT Risk

The IT Risk Governance and oversight group supports standards, processes, methodologies for technology and cybersecurity risks.

We need an experienced Governance, Risk and Controls professional to support with the IRM ServiceNow work contracted through an external vendor. This person will help with all requirements collection, stakeholder workshops, specific settings to Technology Issues workflow, as part of Technology Governance, Risk and Oversight team. Responsible for tracking and reporting software currency remediation across all of Scotiabank.

Project:

The project will implement Integrated Risk Management (IRM) for technology risk. The team requires IRM ServiceNow GRC tool.

Typical Day in Role:

• Identify the stakeholders involved in Issue lifecycle.

• Collaborate with the vendor to ensure complete inventory of foundational elements

• Collects all data elements necessary to describe the issue.

• Develop and collect requirements through workshops

• Collaborate and influence across the organization to help build awareness and ensure common adoption of Issues Management practice across Technology to drive forward a common enterprise-wide approach.

• Directly support the IT Risk Governance and Controls Director, to collaboratively:

o Collect and analyze requirements for the initial configuration of GRC tool

o Work directly with the vendor to establish what good looks like to implement the Issues Management workflow for Technology Risk issues

o help improve the Issues Management Practice, functioning as a Centre of Excellence

o contribute with requirements to the Issues Management reporting and monitoring process

• Support the IT Risk Governance and Controls Director with research and industry practices on Technology Issues Management contributing with counsel and direction on strategic decisions related to enhancements, new metrics, and indicators.

Candidate Requirements/Must Have Skills:

1) 10+ years of experience with risk and compliance and issues management (governance, risk and controls)

2) 5+ years of experience with GRC tools, exposure to issues management lifecycle

3) 5+ years of experience with JIRA/CONFLUENCE

4) 3+ years of experience with project management

5) 1+ years of experience with technology risk and compliance

Nice-To-Have Skills:

1) Strong proficiency with PowerPoint

2) SQL experience

3) Dashboarding skills (PowerBI, Tableau)

4) CRISC ISACA certification

Soft Skills Required:

• strong communication and influencing capability

• well-developed analytical competencies

• Good ability to balance competing or conflicting goals of various departments and stakeholders which requires a mature, diplomatic approach and highly developed negotiation and influencing skills.

•Good communication, facilitation and presentation skills for developing communication strategies for Executive approval through implementation of strategies and programs

Education: Bachelor’s degree

Best VS. Average Candidate:

The ideal candidate would have strong experience with technology risk management. The manager is not looking for credit risk experience, but rather technology related risk management.

Candidate Review & Selection

1 round (possible 2nd round)

HM - in-person preferred otherwise MS Teams Video - 1 hr (behavioural & Situational)

Hiring Manager’s availability to interview: ASAP