Internal Job Title: Information Security Operational Risk Manager
Reporting to: Chief Risk Officer
Position Summary
The job incumbent is responsible for implementing and managing the Bank’s operational risks management program, including business continuity and information security risk consistent with OSFI Guidelines and the overall strategies and requirements from the Parent Bank.
Main Responsibilities
- Provide expertise in the identification of operational risks, assessment of controls and reporting on effectiveness of controls to ensure compliance with the Bank’s regulatory and policy requirements;
- Follow up with departments on operational risk management matters, including analyzing root causes of identified operational risks, proposing solutions to mitigate the risks, and defining actions to implement proposed improvements;
- Promote a strong control culture to improve awareness of operational risk management
- Manage the Bank’s BCP program, including conducting business impact analysis, coordinate BCP testing and conduct BCP training.
- Manage information security processes/controls for the Bank, including developing, reviewing, monitoring, analyzing, reporting, strengthening the policies/process/controls and mitigating the related risks.
- Monitor and oversee outsourcing arrangements to ensure services are being delivered in a manner expected and in accordance with the terms of outsourcing agreements and in compliance with OSFI’s requirements.
Job Specifications
- University degree/college diploma in a relevant field, such as risk, information technology, computer science or equivalent experience.
- Sound knowledge and understanding of risk management principles and practices.
- At least 5 years related experience in financial services industry or equivalent
- 2+ years’ experience in operational risk, business application and the regulatory environment.
- Good knowledge of IT Operations, technology security key technology risks.
- Advanced written and oral communication skills, with the capability to present and articulate complex concepts
- Strong research ,analytical, and problem-solving skills
- Keep abreast of regulatory and compliance requirements and emerging risks within the changing threat landscape related to business technology and corresponding operations.
Working Conditions
- This is sedentary work requiring the exertion of up to 10 pounds of force occasionally and a negligible amount of force frequently or constantly to move objects. Employee may need to stand, walk and perform repetitive motions.
- The employee is required to speak and hear at normal spoken word levels. Vocal communication is required for expressing or exchanging ideas. Vision requirements include close vision.
- The office environment has climate control and a normal noise level. The employee is not subject to adverse environmental conditions.
To apply, please submit your resume along with the application form (available for download at http://www.bankofchina.com/ca/custserv/cs3/ ) to hr@ca.bocusa.com
Bank of China (Canada) is an equal opportunity employer and it is the bank’s policy to recruit and select applicants for employment solely on the basis of their qualifications with emphasis on selecting the best qualified person for the position. We welcome applications from all interested parties. Please understand that only qualified applicants will be contacted.
|