IT Program Manager - Cybersecurity and IT Risk Management

Job Description

IT Program Manager - Cybersecurity and IT Risk Management
On behalf of our Banking client, Procom is searching for an IT Program Manager - Cybersecurity and IT Risk Management for a 1-year role. This position is a hybrid position with 3 days onsite at our client’s Toronto, Ontario office.

IT Program Manager - Cybersecurity and IT Risk Management - Job Description:
This role is crucial in fostering a robust risk culture and driving continuous improvement by contributing to the development and implementation of comprehensive risk management policies, standards, and controls. The IT Program Manager will be part of the second line of defense, providing Independent Risk Oversight and challenge, and assisting in developing methodologies, policies, processes, and tools to support the Cyber and IT Risk Management Framework.

IT Program Manager - Cybersecurity and IT Risk Management - Responsibilities:
• Lead 2nd Line Challenge and conduct comprehensive analysis to identify potential threats and vulnerabilities in Bank processes, systems, and operations.
• Partner with the 1st line of defense to develop risk mitigation strategies across key cyber and IT domains.
• Conduct cyber risk assessments, metrics, and controls within globally complex, dispersed, and diverse organizations.
• Define the annual IRO plan and assign resources as needed.
• Review and challenge the scope for Cyber and IT risk assessments.
• Objectively review and challenge inherent risk, control effectiveness, and residual risk assessments.
• Ensure all IT risks/controls are properly documented and reflected in deliverables and tracking systems.
• Evaluate the design of controls and communicate the impact of control weaknesses to first line teams.

IT Program Manager - Cybersecurity and IT Risk Management - Mandatory Skills:
• 5+ years of experience as a Program Manager with IT risk management.
• 5+ years of experience in technology risk management, information security, or a related field.
• Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices.
• Proficiency in data security, risk management & controls, security governance, data analytics, and analytical thinking.
• 2+ years of experience in IT Audit.
• Experience with Cybersecurity Risk Management.

IT Program Manager - Cybersecurity and IT Risk Management – Nice-to-Have Skills:
• FI experience or experience in big 4 consulting firms.
• Industry certifications such as CISSP, CISA, CISM, CRISC.
• Advanced knowledge of relevant regulatory rules and frameworks.

IT Program Manager - Cybersecurity and IT Risk Management – Assignment Length:
This is a 1-year contract role with the possibility of extension and conversion to full-time employment.

IT Program Manager - Cybersecurity and IT Risk Management - Start Date:
ASAP.

IT Program Manager - Cybersecurity and IT Risk Management - Assignment Location:
Toronto, Ontario, Canada, with a hybrid work arrangement requiring 3 days in the office per week.

This employer uses both human and technology-assisted tools to support candidate screening and assessment. Final hiring decisions are made by people.