Senior IT Governance Specialist with Active Directory experience to maintain and update governance frameworks with one of our major banking clients- 38051

Senior IT Governance Specialist with Active Directory experience to maintain and update governance frameworks with one of our major banking clients- 38051

Location Address: Scarborough- Hybrid - onsite 2-3 times a week ***Subject to change: 3-4 days onsite may be required based on business needs***

Contract Duration: 1 year (Possibility of extension & conversion to FTE)

Schedule Hours: 9am-5pm Monday-Friday; standard 37.5 hrs/week (Possible OT)

Story Behind the Need

Business group: GTEP - Global Platform Engineering

IT Governance specialist position is to develop, implement, and oversee governance frameworks that mitigate risks associated with Active Directory infrastructure within a highly regulated banking environment. This role ensures the security, compliance, and operational integrity by conducting risk assessments, establishing governance policies, and aligning technical practices with industry regulations and audit standards. Acting as a subject matter expert, the specialist bridges the gap between technical security controls and business risk management, supporting audit readiness and regulatory compliance while enhancing the organization’s overall cybersecurity posture.

Typical Day in Role:

• Maintain and update governance frameworks and policies to align with cybersecurity standards and banking regulations.

• Conduct risk assessments on Active Directory infrastructure, identifying vulnerabilities and evaluating mitigation strategies.

• Collaborate with technical teams and business stakeholders to translate security risks into actionable governance improvements.

• Support internal and external audits by preparing documentation and ensuring compliance with regulatory requirements.

• Coordinate multiple governance-related projects, ensuring timely delivery and alignment with organizational objectives.

• Communicate findings and recommendations clearly to both technical and non-technical audiences.

• Banking Industry Compliance and Audit support

• Policy Development and Documentation

• Risk Assessment and Mitigations

Candidate Requirements/Must Have Skills:

1) 10+years of experience in IT governance, risk management, or information security roles

2) 3+ years of Specific experience with Active Directory administration, security, and risk management

3) 3+ years Demonstrated experience in banking or financial services industry

Nice-To-Have Skills:

-Strong understanding of IT governance frameworks such as COBIT, ITIL, and NIST

-Knowledge of identity governance and administration (IGA) solutions

-Experience with risk assessment methodologies and tools

-Knowledge of cybersecurity frameworks including NIST Cybersecurity Framework and ISO 27001

-Understanding of business continuity and disaster recovery planning as it relates to identity infrastructure

-Comprehensive understanding of banking regulations and examination procedures

-Knowledge of FFIEC guidance on cybersecurity and IT risk management

-Experience with regulatory reporting requirements and audit documentation

-Understanding of operational risk management in banking environments

-Proficiency in Spanish

-Certified Information Systems Auditor (CISA)

-Certified Information Security Manager (CISM)

-Certified Risk and Information Systems Control (CRISC)

-Microsoft Certified: Identity and Access Administrator Associate

-Certified Information Systems Security Professional (CISSP)

Education: Bachelor’s or Mater degree in Systems Engineering, Computer Science, Information Technology

Best VS. Average Candidate:

Best Candidate:

• Proactively identifies governance gaps and proposes strategic solutions.

• Demonstrates deep expertise in Active Directory security and banking compliance.

• Communicates complex risks clearly to both technical and non-technical stakeholders.

• Leads cross-functional initiatives with precision and accountability.

• Maintains up-to-date knowledge of evolving cybersecurity threats and regulatory changes.

Candidate Review & Selection

2 rounds

1st - HM + peers - 30 mins - MS Teams Video

2nd - HM + Global Head + IT risk team- 45 mins - Teams Video

Hiring Manager’s availability to interview: ASAP