Reporting to the Director of Information Technology (IT) Compliance, the incumbent will be responsible for ensuring that Information Security and Technology risks are identified, escalated, reported, managed and tracked appropriately. The incumbent will also be responsible for providing assurance over RSA policies, IT General Control (ITGC) design and operating effectiveness, and Key Risk Indicator (KRI) metrics.
Keeping You Moving
RSA is one of the world’s leading multinational insurance groups with over 300 years of experience and over 20 million customers worldwide.Our people are committed to building a dynamic internal culture where our people love what they do and feel motivated to keep things moving – for customers, for their colleagues and as part of their own growth and development. In RSA, employing positive people is how we achieve success. You will be working in an environment that encourages you to do great work and you constantly will be faced with fresh challenges that have a direct impact on our business. We believe your personality and passion will keep RSA and our business moving forward. At RSA we have a culture that supports and rewards high performance with a competitive reward policy for top performers. Our rewards package includes competitive compensation, work / life balance, opportunities to learn and the chance to make a difference working for a worldwide industry leader.At RSA Canada, our purpose is to Make Life Better Together and we do that every day through our commitments to our people, our customers and our partners. We are committed to fostering an inclusive, fair, and accessible environment where every team member has the opportunity to reach their full potential and where everyone feels comfortable being their true selves. We hire on the basis of merit and we are committed to inclusive, barrier-free recruitment and selection processes, as well as equal access to training and promotion opportunities.
Who you are
Your enthusiasm is infectious. You challenge the status quo. You find solutions to problems. You go the extra mile to exceed customers’ expectations. You get things done the right way. You represent our brand with passion and pride. You are a team player. You have fun and you make work fun for those working around you.
What you will achieve in this role
- Gather, aggregate and report Key Risk Indicators (KRIs)
- Work collaboratively with KRI stakeholders to improve control validation processes, enhance KRI testing methodology, process, procedures, and artifact (evidence) submission
- Execute the IT validation plan by communicating requirements to stakeholders, developing mechanism so support self-attestation of evidence and ensuring the completeness and accuracy of submissions
- Establish yourself as an internal Subject Matter Expert for the ServiceNow GRC platform
- Prepare reporting materials for various internal committees like IT Risk Committee, Canada Risk Committee, Quarterly Controls Committee, etc.
- Modernize reporting mediums (Excel, PowerPoint, etc.) by developing dashboard and net new reports by leveraging ServiceNow GRC platform
- Create and track risk related artifacts like risk acceptances, remediation tasks assigned, audit remediation initiatives, etc...
What you bring to this role
- Strong problem solving abilities and sense of accountability
- An ability to lead, facilitate and influence discussions with senior leaders and executives
- IT control testing and/or IT audit experience
- Experience working with risk management frameworks and methodologies
- An ability to multi-task and pivot as priorities change
- Experience administering Governance Risk and Compliance (GRC) platforms
- B.Sc. Computer Science or in a related field
- Professional Designation in IT compliance or Information Security such as Certified
Information Systems Auditor (CISA) or Certified Information Security Professional (CISSP) is preferable
Applicants agree that by providing personal information in response to this ad, and otherwise in any recruitment process with RSA or its affiliated companies (the “Company”) such personal information may be retained and used for a period of one (1) year from the date of this application, for the purpose of consideration for employment opportunities which may arise during that time period, unless an applicant notifies the Company to the contrary.We thank all applicants. However, only those selected for an interview will be contacted.We invite you to learn more about us at our Career Site, www.rsagroup.ca, where you can apply on line. RSA group of Companies is strongly committed to diversity and welcomes applications from visible minority group members, women, Aboriginal persons, and persons with disabilities, members of the LGBT community, and others who may contribute to the further diversification of ideas.RSA group of Companies will provide reasonable accommodation for qualified individuals with disabilities in the job application process.If you have difficulty using our online application system and you need an accommodation due to a disability, please email AODA@RSAGROUP.CA or call us at toll free 1 (800)-855-0511. Please note this email is only for accommodation requests. Resumes sent to this email address will not be considered.