BMO Financial Group Associate Director, Technology Controls Testing in Virtual, North Carolina
The mandate of the Central Testing Utility (CTU) is to lead effective control design and operating effectiveness across Technology and Operations (T&O), through sustainable processes and interactions across enterprise technology, all lines of defense and regulators, in order to operate within BMO’s established risk appetite threshold to support operational excellence and strategic growth.
The Central Testing Utility (CTU) function mandate is to own the assessment of technology controls, assess adherence to the PRC framework and drive planning and execution of technology control testing.
The Testing Associate Director function lead will oversee the assessment and testing of technology controls for the following PRC framework components: Governance, Strategic Management, Information Security, Application and Infrastructure development, Service Delivery and Service Support via automation and data analysis. The function lead will make recommendation on changes to PRC framework based on the learnings from internal IT control testing. The lead’s mandate also includes developing new capabilities in the function and implementing new tools and processes, as required to support and help execute the TBCG’s mandate.
Specifically this role will:
Play a leadership role in the review, ongoing assessment and testing of internal controls related to BMO’s Technology PRC framework. This includes controls test preparation, test execution and providing recommendations on the status of the controls and issues under test. Demonstrate leadership through expert knowledge and understanding of the bank’s PRC framework, methodologies and processes. Guide the function on best practices relating to PRC framework. Support the analysis of issues and risks to identify root causes, triggers and help understand the complete regulatory impact. Respond to the queries from Corporate Audit Division (CAD), and 2nd line, as needed, in the context of PRC testing.
Establish annual goals and objectives for areas of accountability, and articulate the execution plan. Contribute to the strategic planning process with the CTU Testing Director.
Champion and promote a technology risk management culture within the function and at a broader organization level. Thoroughly understand BMO’s technology risk profile and risk appetite.
Provide leadership in development of applicable policies, procedures, processes, and training programs to facilitate compliance with risk requirements.
Ensure there is appropriate alignment conducive to effective interactions within the CTU and other areas in the bank.
Develop innovative approaches to creating solutions to resolve problems and significant issues within the function.
Build and maintain a high performing team by establishing a culture and work environment that attracts, retains and motivates a diverse, skilled workforce in order to maintain a high degree of employee professionalism, commitment and desire to maintain updated skills and knowledge.
Identify training, development needs; create and implement appropriate development plans, including monitoring, documenting and providing regular feedback on performance.
Actively challenge the status quo to find new ways of doing things, looking for best practices and continuous improvement opportunities.
PRC Evaluation & Testing function:
Supervise testing of key technology controls on an annual basis, ensure that test results are documented, verifiable, transparent, re-performable and provide the assurance that technology controls are designed and operating effectively.
Demonstrate expertise in dealing with technology organization, other CTU functional leads, and key stakeholders (Risk Management, Compliance) on topics related to PRC framework.
Provide advice on PRC framework, based on learnings from testing and as it applies to the technology organization.
Proven experience in leading a 5-10 member team.
Commanding understanding of Internal Controls framework related to Technology.
Strong understanding and command over internal controls testing requirements.
Solid understanding of control frameworks and test execution leveraging global resource pool.
Strong understanding of the banking industry risk appetite, policy, reporting structure, procedures and processes.
Strong understanding of technology and risk management organization, landscape and disciplines.
Demonstrated industry and regulatory knowledge gained through experience and relationships.
Demonstrated time management and organizational skills with the ability to prioritize and manage multiple initiatives in order to meet deadlines while ensuring high quality of work produced.
Excellent team player with demonstrated relationship management skills and a strong ability to make things happen through the use of positive influence.
Superior communication (written, oral and presentation) skills with the ability to understand complex information and summarize in a clear, concise fashion.
Advanced facilitation, influence management, consensus building, presentation skills and the ability to present to senior management and executive audiences.
Ability to manage competing priorities and set expectations to ensure that all stakeholders are considered.
Clear-thinking with the ability to consistently deliver high quality work under pressure with the ability to act fast, within tight time frames and limited direction.
Strong leadership, strategic and planning ability.
People manager skills and experience in building effective teams
Ability to conceptualize and implement appropriate tools and templates for control testing.
Ability to apply best practices and effectively manage emerging risks.
Excellent ability to understand, describe, and navigate existing work, organization and power structures, and make recommendations with a clear sense of organizational impact.
Excellent conceptualization, presentation and communication skills in working with senior executives, managers, auditors and regulators.
Critical thinking, ability to capture enterprise view and team building skills.
Bachelor’s or Master’s Degree or equivalent work experience.
10 or more years of Controls and Process testing experience.
7 or more years of IT experience in Financial Services Industry highly preferred.
Advanced knowledge of Process Risk and Control frameworks.
Advanced knowledge of Controls Audit is as asset.
Proven and demonstrated experience to manage a large team.
One or more of CISA, CPA/CA, CIA and CISSP designation would be an asset.
Provides management consulting services and technology/industry expertise in support of business and enterprise needs. Liaises with stakeholders to understand problems and opportunities, to facilitate the organization's goals by understanding business vision, objectives, and key performance indicators. Aligns technology requirements and solutions to a real business need, meets essential quality standards, and ensures approval by all relevant stakeholders. Acts as a consultant to business partners in collaboration with the project team in strategy and planning sessions (e.g. multi-year and annual plans), reviews, or inspections to ensure the quality of work products. Promotes new processes and methodologies, emerging technologies, and agile, and aligns to the unique project team requirements.
Provides thought leadership in the development of new ideas, processes and emerging technology.
Provides strategic input into business decisions as a trusted advisor.
Acts as a subject matter expert on relevant regulations and policies.
Identifies emerging issues and trends to inform decision-making.
Recommends business priorities, advises on resource requirements and develops roadmap for strategic execution.
Leads the development of IT strategy by understanding business processes, policies, information and information systems.
Acts as the prime subject matter expert for internal/external stakeholders.
Defines business requirements for analytics and reporting to ensure data insights inform business decision making.
Breaks down strategic problems, and analyses data and information to provide insights and recommendations.
Leads change management programs of varying scope and type, including readiness assessments, planning, stakeholder management, execution, evaluation and sustainment of initiatives.
Leads the development of the communication strategy focusing on positively influencing or changing behaviour.
Presents and communicates at all levels within IT and across businesses / groups.
Completes root-cause analysis to determine underlying causes and participates in problem resolution for complex issues at all levels.
Identifies opportunities to strengthen the IT consulting capability (e.g. shares expertise to promote technical development, mentors employees, builds communities of practice and networks across technology).
Understands and follows a project requirements management plan so that activities and milestones of the project team can be measured against the goals of the plan.
Facilitates discussions and follows a disciplined approach to plan, elicit, analyze, document, communicate, and manage business requirements with stakeholders; applies a variety of elicitation techniques to probe, challenge, and understand requirements.
Provides analytical support and insights to identified / assigned user areas to support relative product, channel, and business development initiatives (e.g. product, portfolio, and profitability analytics, and customer analytics).
Collaborates in root-cause analysis to determine underlying causes and participates in problem resolution.
Builds exceptional relationships with internal and external stakeholders.
Liaises with the business and the technology development and support groups.
Aligns business needs to vision/goals to ensure development teams to translate them into detailed design specifications and code.
Assess project impact, benefits, and risks when scope changes.
Communicates and engages across stakeholder groups during construction and delivery of solutions.
Assesses the quality of supporting documentation, including business and process requirements documents, to ensure proper analysis supports recommendations or demonstrate continued alignment to strategic objectives.
Develops a deep understanding of organizational complexity to build strong rapport with internal stakeholders for the construction and delivery of the solution.
Stays abreast of industry technical and business trends through benchmarking and/or participation in professional associations.
Operates at a group/enterprise-wide level and serves as a specialist resource to senior leaders and stakeholders.
Applies expertise and thinks creatively to address unique or ambiguous situations and to find solutions to problems that can be complex and non-routine.
Implements changes in response to shifting trends.
Broader work or accountabilities may be assigned as needed.
Typically 7+ years of relevant experience and post-secondary degree in related field of study or an equivalent combination of education and experience.
Business Analysis Accreditation is an asset.
Knowledge of software development practice, concepts/methodologies (i.e. waterfall, Agile, iterative), and technologies obtained through formal training and/or work experience.
Knowledge of one or more requirements analysis and problem decomposition techniques.
Knowledge of technical/business environment (e.g. Microsoft business technologies and applications, relational databases, and SharePoint).
Understanding of industry standards and standard business capabilities.
Knowledge of business analysis, project delivery practices and standards across the project lifecycle.
Possesses a deep understanding and problem solving ability of Information Technology of various complexities.
Understanding of techniques associated with data modeling, process modeling, and user-centered design within the context of the organizational standards.
Familiar with business strategy and assessments (i.e. feasibility studies, business cases and/or cost/benefit, project sizing and costing, and current state analysis/needs assessments).
Seasoned professional with a combination of education, experience and industry knowledge.
Verbal & written communication skills - In-depth / Expert.
Analytical and problem solving skills - In-depth / Expert.
Influence skills - In-depth / Expert.
Collaboration & team skills; with a focus on cross-group collaboration - In-depth / Expert.
Able to manage ambiguity.
Data driven decision making - In-depth / Expert.
We’re here to help
At BMO Harris Bank we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.
As a member of the BMO Harris Bank team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.
To find out more visit us at https://jobs.bmoharris.com
BMO Harris Bank is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. BMO Harris Bank N.A. is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.
Note to Recruiters: BMO Harris Bank does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO Harris Bank, directly or indirectly, will be considered BMO Harris Bank property. BMO Harris Bank will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.