Associate Director - Issue Remediation Controls Testing
The mandate of the centralized Technology Business Controls Group (TBCG) is to lead effective technology control design and operating effectiveness, through sustainable processes and interactions across enterprise technology, all lines of defense and regulators, in order to operate within BMO's established risk appetite threshold to support operational excellence and strategic growth.
The Technology Business Controls Group's (TBCG) Process Risk & Control (PRC) Evaluation and Testing function mandate is to own the assessment of technology controls, assess adherence to the PRC framework and drive planning and execution of technology control testing.
The Testing Senior Manager function lead will oversee the assessment and testing of technology controls for the following PRC framework components: Governance, Strategic Management, Information Security, Application and Infrastructure development, Service Delivery and Service Support via automation and data analysis. The function lead will make recommendation on changes to PRC framework based on the learnings from internal IT control testing. The lead's mandate also includes developing new capabilities in the function and implementing new tools and processes, as required to support and help execute the TBCG's mandate. Specifically this role will:
- Play a leadership role in the review, ongoing assessment and testing of internal controls related to BMO's PRC framework. This includes controls test preparation, test execution and providing recommendations on the status of the controls and issues under test.
- Play a leadership role in providing the results of automated monitoring and testing of internal controls within Technology via Key Performance Indicators (KPI) and Key Risk Indicator (KRI) metric reporting.
- Demonstrate leadership through expert knowledge and understanding of the bank's PRC framework, methodologies and processes.
- Guide the function on best practices relating to PRC framework.
- Support the analysis of issues and risks to identify root causes, triggers and help understand the complete regulatory impact.
- Respond to the queries from Corporate Audit Division (CAD), and 2nd line, as needed, in the context of PRC testing, review of technology controls, and CAD retest readiness for remediated control deficiencies.
- Drive evaluation and post-remediation testing of all significant technology controls deficiencies identified by regulators, CAD, 2nd line of defense and self-identified. Provide inputs into internal review of technology controls and CAD retest readiness for remediated control deficiencies.
- Establish annual goals and objectives for areas of accountability, and articulate the execution plan. Contribute to the strategic planning process with TBCG Testing Director.
- Assist in the implement the PRC Evaluation and Testing function within the bank, coordinating across the risk and controls communities to support risk related awareness strategies and programs.
- Champion and promote a technology risk management culture within the function and at a broader organization level. Thoroughly understand BMO's technology risk profile and risk appetite.
- Provide leadership in development of applicable policies, procedures, processes, and training programs to facilitate compliance with risk requirements.
- Ensure there is appropriate alignment conducive to effective interactions within the TBCG organization and others in the bank.
- Develop innovative approaches to creating solutions to resolve problems and significant issues within the function.
PRC Evaluation & Testing function:
- Build and maintain a high performing team by establishing a culture and work environment that attracts, retains and motivates a diverse, skilled workforce in order to maintain a high degree of employee professionalism, commitment and desire to maintain updated skills and knowledge.
- Identify training, development needs; create and implement appropriate development plans, including monitoring, documenting and providing regular feedback on performance.
- Actively challenge the status quo to find new ways of doing things, looking for best practices and continuous improvement opportunities.
- Supervise testing of key technology controls on an annual basis, ensure that test results are documented, verifiable, transparent, re-performable and provide the assurance that technology controls are designed and operating effectively.
- Demonstrate expertise in dealing with technology organization, other TBCG functional leads, and key stakeholders (Risk Management, Compliance) on topics related to PRC framework.
- Drive evaluation and post remediation testing of all significant technology control deficiencies identified by regulators, Corporate Audit (CAD), 2nd line effective challenge or self-identified.
- Provide advice on PRC framework, based on learnings from testing and as it applies to the technology organization.
- Proven experience in leading a 5-10 member team.
- Commanding understanding of bank's PRC framework.
- Strong understanding and command over internal controls testing requirements.
- Solid understanding of testing frameworks and test execution leveraging global resource pool.
- Strong understanding of the banking industry risk appetite, policy, reporting structure, procedures and processes.
- Strong understanding of technology and risk management organization, landscape and disciplines.
- Demonstrated industry and regulatory knowledge gained through experience and relationships.
- Demonstrated time management and organizational skills with the ability to prioritize and manage multiple initiatives in order to meet deadlines while ensuring high quality of work produced.
- Excellent team player with demonstrated relationship management skills and a strong ability to make things happen through the use of positive influence.
- Superior communication (written, oral and presentation) skills with the ability to understand complex information and summarize in a clear, concise fashion.
- Advanced facilitation, influence management, consensus building, presentation skills and the ability to present to senior management and executive audiences.
- Ability to manage competing priorities and set expectations to ensure that all stakeholders are considered.
- Clear-thinking with the ability to consistently deliver high quality work under pressure with the ability to act fast, within tight time frames and limited direction.
- Strong leadership, strategic and planning ability.
- Ability to conceptualize and implement appropriate tools and templates for control testing.
- Ability to apply best practices and effectively manage emerging risks.
- Excellent ability to understand, describe, and navigate existing work, organization and power structures, and make recommendations with a clear sense of organizational impact.
- Excellent conceptualization, presentation and communication skills in working with senior executives, managers, auditors and regulators.
- Critical thinking, ability to capture enterprise view and team building skills.
We're here to help
- Bachelor's or Master's Degree or equivalent work experience.
- 10 or more years of Controls and Process testing experience.
- 7 or more years of IT experience in Financial Services Industry.
- Advanced knowledge of Process Risk and Control frameworks.
- Advanced knowledge of Controls Audit is as asset.
- Proven and demonstrated experience to manage a large team.
- One or more of CISA, CPA/CA, CIA and CISSP designation would be an asset.
At BMO we have a shared purpose; we put the customer at the centre of everything we do - helping people is in our DNA. For 200 years we have thought about the future-the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we're changing the way people think about a bank.
As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one - for yourself and our customers. We'll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we'll help you gain valuable experience, and broaden your skillset.
To find out more visit us at https://bmocareers.com .
BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other's differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.