Audit & Compliance Metrics Monitoring Lead
The Metrics Monitoring Analyst is primarily responsible for providing day-to-day support and oversight of the 1B Test Validation activities as part of the broader 1B function which facilitates independent periodic review of metrics, risk assessments and testing areas across Technology, GITRM and DG&A.
The Metrics Monitoring Analyst will work with the Metrics Monitoring Lead to execute on independent IT Controls Metrics Validation activities as well as report findings to senior stakeholders and ensure exception and remediation efforts are consistently reviewed and addressed. ACCOUNTABILITIES
- Provides analysis of the independent validation of control metrics validation activities.
- Perform independent review of 1A IT controls metric design, implementation, and breach thresholds.
- Collaborate with the Metrics Monitoring lead and 1A teams in providing recommendations to adapt metrics to a changing cyber risk environment.
- Ensures that validation activities cover all appropriate controls.
- Interacts with appropriate teams in to facilitate supporting evidence to facilitate validation activities.
- Consolidates outcomes of the validation activities for reporting to stakeholders.
- Demonstrates understanding of business processes and capabilities being validated
- Champions and facilitates discussions supporting actions in areas needing improvement.
- Provide oversight to ensure identified remediation efforts are regularly reviewed and addressed.
- Propose enhancements / solutions that lead to risk reduction.
- Advises GITRM management of risk issues and/or risk portfolio trends.
- Participates in support activities across the broader 1B team activities as needed
- Possesses a university degree/college diploma in Information Security, Technology or Risk Management or equivalent work experience, and/or 5+ years of experience in IT audit, information security audit or related field.
- Financial industry experience preferred.
- Experience performing info security and risk assessments and controls mapping exercises.
- At least 5 years of overall relevant experience in Info Security, IT Security, IT Risk Mgmt., IT Metrics / KPI / KRI frameworks, and IT Controls governance,
- Solid experience in IT controls mapping amongst multiple authoritative sources, industry standards, and regulatory requirements
- Experience with Sarbanes-Oxley (SOX) IT general controls (ITGC) testing / re-testing, test validation, and reporting
- Working knowledge / experience with designing / developing / operationalizing IT metrics required to measure control and process effectiveness
- Ability to review, parse, filter, and report on large volumes of IT metrics data using calculations, scripts, pivot tables, macros, etc. in MS-Excel (or similar tool)
- Ability to review, rationalize, and report on IT metrics using automated tools such as RSA Archer GRC
- Ability to compile reports for stakeholders such as, ITRM executives, Internal Audit, Technology owners, Application owners, etc.
- Possess strong working knowledge across ISO 27001:2. NIST CSF, SOX, CoBIT and ITIL frameworks
- Strong experience in facilitating periodic testing and validation review of metrics, IS and Technology controls, and DR activities.
- CISA, CISSP or other related professional security certifications preferred
- Information technology/security subject matter expert on technical solutions, standards, process, procedures, compliance, risk and awareness.
- Possesses analytical and problem-solving skills
- Maintains an awareness of emerging Information Security technologies and industry trends
- Project management skills a plus
We're here to help
- Possesses good communication skills, both written and verbal
- Strong collaboration skills
- Displays high ethics and trust values
- Ability to operate effectively in a matrix environment
At BMO we have a shared purpose; we put the customer at the centre of everything we do - helping people is in our DNA. For 200 years we have thought about the future-the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we're changing the way people think about a bank.
As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one - for yourself and our customers. We'll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we'll help you gain valuable experience, and broaden your skillset.
To find out more visit us at https://bmocareers.com .
BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other's differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.