As an Information Security Risk Management Analyst, you will play a key role in advancing risk governance within a member-owned financial institution committed to social responsibility. You'll work closely with the Information Security Compliance team to refine and implement risk management strategies that span people, processes, and technology.
Key Responsibilities
- Support leadership in shaping a strategic, organization-wide approach to managing information security risk.
- Design, update, and oversee key performance indicators, risk indicators, and service level agreements related to information security.
- Generate and deliver reports on risk posture for executive leadership and internal stakeholders.
- Conduct threat risk assessments for new technology initiatives and projects.
- Manage the IT risk register using GRC platforms such as Onetrust and Auditboard.
- Lead the development and maintenance of risk assessment methodologies and documentation.
- Guide internal teams in identifying and applying effective risk mitigation and compensating controls.
- Participate in evaluating cybersecurity risks associated with third parties and supply chain partners.
- Promote awareness and understanding of risk management principles across departments.
Qualifications and Experience
Candidates should hold a bachelor’s degree in Computer Science, Business, or a related field, along with 3–5 years of experience in information security risk roles, preferably within financial services or mid-sized organizations.
Essential knowledge includes risk management frameworks such as NIST RMF, NIST AI-RMF, ISO 31000, FAIR, and ISO 27001. Familiarity with financial industry standards like PCI, SWIFT, and OSFI, as well as privacy regulations including PIPA and PIPEDA, is required.
Preferred credentials include CISA, CRISC, or CISM certification. Experience with GRC tools like Onetrust and Auditboard is a strong asset.
Benefits and Work Environment
- Vancity is recognized as Canada’s largest private-sector Living Wage Employer and consistently ranks among the top workplaces nationally.
- Flexible benefits packages allow employees to customize coverage based on personal needs.
- Health and dental benefits start on day one, with multiple coverage tiers available.
- New hires receive 3–4 weeks of vacation annually, with additional time accrued over tenure.
- The organization observes 13 statutory holidays per year, including two additional days beyond provincial requirements, plus dedicated care days.
- A defined benefit pension plan ensures long-term retirement security.
