Story Behind the Need:
• Business group: GTEP – Global Platform Engineering
• IT Governance specialist position is to develop, implement, and oversee governance frameworks that mitigate risks associated with Active Directory infrastructure within a highly regulated banking environment. This role ensures the security, compliance, and operational integrity by conducting risk assessments, establishing governance policies, and aligning technical practices with industry regulations and audit standards.
• Acting as a subject matter expert, the specialist bridges the gap between technical security controls and business risk management, supporting audit readiness and regulatory compliance while enhancing the organization’s overall cybersecurity posture.
Candidate Value Proposition:
• The successful candidate will play a key role in shaping IT governance within a global banking environment—leading strategic initiatives, driving compliance and risk mitigation, and collaborating with senior stakeholders.
• This is a unique opportunity to influence enterprise platform services, foster innovation, and grow within a high-impact, hybrid role that values leadership, technical excellence, and continuous improvement
Typical Day in Role:
• Maintain and update governance frameworks and policies to align with cybersecurity standards and banking regulations.
• Conduct risk assessments on Active Directory infrastructure, identifying vulnerabilities and evaluating mitigation strategies.
• Collaborate with technical teams and business stakeholders to translate security risks into actionable governance improvements.
• Support internal and external audits by preparing documentation and ensuring compliance with regulatory requirements.
• Coordinate multiple governance-related projects, ensuring timely delivery and alignment with organizational objectives.
• Communicate findings and recommendations clearly to both technical and non-technical audiences.
• Banking Industry Compliance and Audit support
• Policy Development and Documentation
• Risk Assessment and Mitigations
Candidate Requirements/Must Have Skills:
• 10+years of experience in IT governance, risk management, or information security roles
• 3+ years of Specific experience with Active Directory administration, security, and risk management
• 3+ years Demonstrated experience in banking or financial services industry
Nice-To-Have Skills:
• Strong understanding of IT governance frameworks such as COBIT, ITIL, and NIST
• Knowledge of identity governance and administration (IGA) solutions
• Experience with risk assessment methodologies and tools
• Knowledge of cybersecurity frameworks including NIST Cybersecurity Framework and ISO 27001
• Understanding of business continuity and disaster recovery planning as it relates to identity infrastructure
• Comprehensive understanding of banking regulations and examination procedures
• Knowledge of FFIEC guidance on cybersecurity and IT risk management
• Experience with regulatory reporting requirements and audit documentation
• Understanding of operational risk management in banking environments
• Proficiency in Spanish
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Risk and Information Systems Control (CRISC)
• Microsoft Certified: Identity and Access Administrator Associate
• Certified Information Systems Security Professional (CISSP)
Soft Skills Required:
• Analytical and Problem-Solving Skills
• Communication and Stakeholder Management
• Project Management and Organizational Skills
• Strong communication skills
Education:
• Bachelor’s or Mater degree in Systems Engineering, Computer Science, Information Technology
Best VS. Average Candidate:
• Best Candidate:
o Proactively identifies governance gaps and proposes strategic solutions.
o Demonstrates deep expertise in Active Directory security and banking compliance.
o Communicates complex risks clearly to both technical and non-technical stakeholders.
o Leads cross-functional initiatives with precision and accountability.
o Maintains up-to-date knowledge of evolving cybersecurity threats and regulatory changes.
Candidate Review & Selection:
• 2 rounds:
o 1st – HM + peers – 30 mins – MS Teams Video
o 2nd – HM + Global Head + IT risk team- 45 mins – Teams Video
Job Details
13477
Contract
1 year
Scarborough
#J-18808-Ljbffr