This role provides leadership in representing the business unit security reviews, audit activities, business continuity, and records management. In addition the role is responsible for overall business unit education of information risk and compliance requirements, and providing management reporting.

Responsibilities include:

• Continuously evaluate and communicate information security, data privacy and compliance risks through Information Risk Assessments on applications and projects.

• Conduct change management reviews

• Perform periodic identity and access management reviews.

• Develop and deliver information risk/security/privacy awareness and compliance training programs.

• Develop, refine, and implement company-wide security policies, procedures and standards to meet compliance responsibilities

• Work with auditors, operations teams, and project delivery teams in the conduct of key risk audits.

• Monitor compliance with security policies, standards, guidelines, and procedures

• Report to management findings concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.

• Lead and review security risk assessments for third party software used by development teams or embedded in project deliverables.

• Provide information risk/security support for development projects to ensure that security issues detected by security testing tools are addressed throughout the software development life cycle.

• Participate actively in security investigations and internal compliance reviews

• Stay knowledgeable of current advances/industry best practices concerning vulnerabilities, data privacy, security breaches or malicious attacks.

How will you create impact?

The Information Risk Management Analyst works with the IT Controls and Governance Lead to support the risk management process across all aspects of MITDC delivery projects and business operations. Responsibilities include conducting risk assessments, access reviews, privacy impact assessments, assessing the current adequacy of information risk management procedures and assisting in audits / assessments.

What motivates you?

• You obsess about customers, listen, engage and act for their benefit.

• You think big, with curiosity to discover ways to use your agile approach and enable business outcomes.

• You thrive in teams and enjoy getting things done together.

• You take ownership and build solutions, focusing on what matters.

• You do what is right, work with integrity and speak up.

• You share your humanity, helping us build a diverse and inclusive work environment for everyone.

What we are looking for

• Strong analytical, communication and consulting skills.

• Minimum of 5 years work experience in Information Technology, with at least 1 to 3 years focused on information security or information risk management

• Working knowledge of security issues, techniques and remediation across computer platforms.

• Experience in the following security domains:

  • Risk and Control Assessment

  • Identity and Access Management

  • Asset Management and Security

  • Security Operations

  • Application security

  • ISO 27000 ISMS implementation or audit (optional)

• Exposure to IT control testing, web application development and/or systems administration is a plus.

What can we offer you?

• A competitive salary and benefits packages.

• A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.

• A focus on growing your career path with us.

• Flexible work policies and strong work-life balance.

• Professional development and leadership opportunities.

Our commitment to you

• Values-first culture
  We lead with our Values every day and bring them to life together.

• Boundless opportunity
  We create opportunities to learn and grow at every stage of your career.

• Continuous innovation
  We invite you to help redefine the future of financial services.

• Delivering the promise of Diversity, Equity and Inclusion
  We foster an inclusive workplace where everyone thrives.

• Championing Corporate Citizenship
  We build a business that benefits all stakeholders and has a positive social and environmental impact.