Senior IT Risk Governance Specialist - CTC00183 -4
Description
COMPANY SUMMARY
Recently ranked as one of Canada’s 10 Most Admired Corporate Cultures, Canadian Tire offers employees a wealth of challenging and rewarding career opportunities. We are a successful and growing company that values diversity and innovative thinking, and fosters a culture of performance and accountability. We invest in the growth and development of our employees by offering a wide range of career paths, comprehensive training and leadership development opportunities. We reward our employees with a unique mix of benefits from store discount to flexible health to profit-sharing. Our employees are passionate owners of our company who help build our reputation as one of the best places to work in Canada.
Join our talented team of over 50,000 employees and develop your career through our broad and diverse group of businesses which include, Canadian Tire Corporation, Canadian Tire Retail, Canadian Tire Associate Stores, Canadian Tire Petroleum, PartSource, Canadian Tire Financial Services and Mark’s Work Wearhouse.
POSITION SUMMARY
The Sr IT Risk Governance Specialist is responsible for successfully developing and implementing the IT Risk Governance Framework within CTC/CTR/CTP, and for engaging in a proactive, high-performance team environment. The Sr Specialist will also assist the Manager in ensuring that the internal activities within functional IT areas are consistent with and supportive of CTC’s enterprise-wide risk management initiatives.
The Mission of IT Risk Governance & Security is to provide an IT risk governance process that includes a framework for the identification of IT risks, establishing consistent policy and standards setting, monitoring and reporting practices in IT operational activities to the CIO as well as in compliance with regulations such as the annual CEO/CFO certification process.
RESPONSIBILITIES
- Ensure the successful execution and maintenance of the IT Risk Governance framework and assigned duties.
- Provide an appropriate level of direction and coaching to staff, contractors and project managers, ensuring that all work is completed in compliance with the IT Risk Governance Core Operating principles and with the standards of the ISACA.
- Ensure that all the risk governance work is completed in compliance with the CTC Risk Governance Framework, Core Operational Principles and with the standards of Information Systems and Control Association (ISACA’s CobiT) and other relevant governing Associations such as the Information Systems Security Standard ISO 17799.
- Support the implementation of the annual IT inherent risk assessment for all areas in IT, on a basis consistent with the established IT Risk Governance Framework.
- Assist the Manager of IT Risk Governance in fulfilling responsibilities, and engage in special IT projects as they are initiated by IT Risk Governance & Security or when participation is requested by other IT business units.
- Assist IT Senior Management (Directors, VPs and the CIO) in understanding and reaching agreement on risks and related key IT general controls and business processes.
- Maintain and sustain the annual CEO/CFO IT Sub-Certification of IT general controls process ensuring overall quality of work performed in co-ordination with the Corporate CEO/CFO Program Office. Adjust for any changes to the CEO/CFO certification process arising from new and/or changing risk areas.
Qualifications
- Ensure significant deficiencies are remediated and that appropriate tests are conducted to verify existence of control design and operating effectiveness of controls.
- Provide reporting mechanisms on results to Senior IT Management, Corporate Officers and Auditors.
- Build and maintain an effective partnership with IT and Business Client management with the aim of ensuring timely identification and resolution of significant IT risk/control issues, and increasing awareness and understanding of IT risks and controls among management and staff.
- Develop, implement and roll out a self-assessment process in IT that incorporates risk and controls assessments in day-to-day activities.
- Contribute to the identification and adoption of state-of-the-art tools, technology and techniques to optimize risk and controls assessment services.
- Plan, lead, define test cases and carry out testing of key IT general controls with the business on an annual basis or as required.
- Plan and carry out Corporate Process Reviews (subset of corporate process reviews) as required by the Corp. CEO/CFO Program Office.
- Develop and maintain strong relationships with CTFS, PartSource and Mark’s Work Wearhouse to share best practices.
Requirements
Must have:
- Strong knowledge of risks and processes relating to Information Technology assets, processes and organizations obtained during 5 to 10 years related industry/audit or IT risk management experience
- University Degree or equivalent.
- Strong risk management experience gained during minimum 3 years in a complex or large corporate environment
- Strong understanding and experience with IT risk and control frameworks (including CobiT and Security Governance Frameworks such as ISO 17799)
- Experience in Bill 198 and/or SOX compliance
- Understanding of security and control in different operating platforms such as OS/400, UNIX - AIX, OS/390 including ACF2, and Windows; network architecture and communication protocol (TCP/IP); and various databases such as IMS, DB2, DB400, Oracle, SQL Server.
- Strong knowledge of IT general control components including IT Governance, logical access and security, change management, System Development Life Cycle (SDLC) and production operation and support.
- CISA designation
- Supervisory and/or project management experience
- Strong verbal and written communication skills
- Strong presentation/facilitation skills and/or experience in risk and control self-assessment techniques and facilitation
- Other skills/attributes:
- Business-oriented, disciplined thinker
- Strong analytical and organizational skills
- Results-oriented
- Initiative and drive
- Team player, dedicated to partnership with the Business Clients, other IT groups and within Enterprise IT
- Flexible to adjust to changing priorities and deadlines
- Committed to the success of the IT Risk Governance & Security Mission and Core Operating Principles
- Potential for advancement
- Awareness/understanding of business risk and control frameworks
Nice to have:
- Working towards any accounting designations (CA, CGA or CMA).
- Prior retail experience
- IT Systems development and maintenance experience
- ITIL knowledge