Manager, Operational Risk Management, Enterprise Technology Risk
Toronto, ON, CA
1m ago

Company Overview

Tell us your story. Don’t go unnoticed. Explain why you’re a winning candidate. Think TD if you crave meaningful work and embrace change like we do.

We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here’s our story :

Department Overview

The Operational Risk Management (ORM) Enterprise Technology team works in partnership with the business units and corporate groups of TD Bank Group to further the understanding and management of operational risk across the enterprise.

ORM Enterprise Technology provides independent oversight and challenge to operational risk management activities executed by the Technology organization and business groups across the enterprise.

They partner with the first line of defense (CIO & Enterprise Protect organizations) in identifying, reporting, and mitigating technology risk issues and provide subject matter expertise in the technology risk management practices.

The group executes 2A requirements in support of 3 lines of defense framework.

Job Description

Manager, Enterprise Technology Risk Management will partner with the first line of defense to oversee and challenge the execution of risk management activities and leading practices / technologies used to keep up with the constantly evolving technology risk landscape.

Reporting to the Senior Manager, ORM Enterprise Technology Risk Management, this role will have the following accountabilities :

Contribute to the annual planning process with a focus on maturing the Technology risk challenge activities including : the identification and forecast of top / emerging technology risks, alignment of activities with the three line of defense, and the development of the Enterprise Technology Risk Management Oversight plan.

Be the subject matter expertise (SME) on execution of technology risk challenge activities.

Articulate and escalate technology risks promptly and assist executive to drive the right discussions to address any significant technology risk

Effectively communicate risk management practices and / or results of risk assessments in a supportive and collaborative manner to influence risk-based decisions & remediation activities.

Support independent challenge first line to manage ongoing programs or initiatives with high technology risk such as : Identity and Access Management, Technology Risk and Control Assessments on critical assets, Payments, among others.

Support the ORM Framework for technology groups by providing challenge on the following activities, including but not limited to :

  • Technology risks and controls identification for core technology process Process Risk and Control Self-Assessments (pRCSA);
  • and remediation on any identified gap;
  • Management’s quality testing on key controls identified from the pRCSA, and remediation on any identified gap;
  • Technology risk related scenario analysis;
  • Key Risk Indicators and metrics on technology and monitoring on KRI results and mitigation action(s)

    Be a positive and supportive team player to consistently maintain high levels of integrity, motivation and morale.

    Keep abreast of Technology and Cybersecurity emerging risks, best practices to address / mitigate technology risks, and applicable Regulatory and Compliance requirements.

    Position will deal with executives in Business, Technology and Cybersecurity areas and risk professionals across the enterprise.

    This is a seasoned technology risk role with 5+ years of experience in technology risk management, Cybersecurity and / or technology.


    Ability to work in ambiguity; must be flexible to deal with changes in a fast paced and new environment, working closely with peers where technology risk subject matter expertise is required.

    Organizationally astute, with superior influencing, collaboration and communication skills. Ability to digest and summarize complex technical scenarios and to communicate those effectively to business leaders.

    Proven Change Manager, with the ability to lead and influence change with Executives.

    Experience assessing risk and challenging the status quo

    In order to provide effective oversight and independent challenge the role requires the incumbent to have a good understanding of the following areas :

  • Risk management frameworks and methodologies;
  • Tech risk frameworks, operations, processes, controls and tools;
  • Technology operations and processes and;
  • Industry Standards and Regulatory requirements.

    Experience in the Technology Risk Management, Technology Solutions, Risk Management, or Internal Audit field.

    Deep understanding of Regulatory and Controls requirements : COBIT, NIST, ISO, PCI, FFIEC, SOX, among other standards.

    Strong analytical skills, including segment risk analysis, data analysis, and comparative analysis. Ability to identify root causes on risk exposures and to correlate multiple risk exposures to assess aggregated risks and enterprise compensating controls.

    Proven ability to foster a cohesive team and promote a positive, high performing work environment. Expertise in working effectively in teams requires a track record of knowledge across the organization.

    Additional Information

    This role requires successful completion of all three levels of TD Operational Risk Management certification. Certification is not a requirement to apply for this role.

    The successful candidate will have 12 months from the start date in the role to complete required certifications. The required courses are available internally through TD Operational Risk Management.

    Undergraduate degree in Computer Science / Computer Engineering / Risk Management is an asset.

    Accreditation such as CISSP, CISM, CRISC, CGEIT, CISA, CRM and / or similar is preferred.


    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form