BMO Financial Group Audit and Cyber Security Controls Testing Analyst in Virtual, New Jersey
111 W Monroe - 115 S LaSalle
Job Family Group:
Take your career to the next level by gaining a deeper understanding and experience on cutting-edge Information Security related technologies and controls. You will also have the opportunity to interact and learn from both BMO’s senior management and top talent related to the Information Security profession.
This is an exciting opportunity to help drive the Testing and evaluation of the Information Security (IS) Controls in our Process, Risk & Controls (PRC) framework. This role resides in our Central Testing Unit (CTU) and you will be responsible for the management of PRC framework, testing of design and operating effectiveness of IS controls. PRC is a set of key processes, risks and controls associated with the use and support of technology in the delivery of business objectives. This exciting role requires working closely with the CTU Stakeholder community, and is part of our 1A functions that are responsible for Design and / or Operations of IS controls.
You will support the business/group leader in the effective implementation, maintenance and administration of first line of defense (1st LOD) programs (e.g., operational risk, AML, compliance, regulatory, etc.), including overseeing business operations within the jurisdiction to ensure adherence and efficiency. Also, you will contribute to a strong risk management culture through collaboration with other first line employees, and second & third line functions to ensure Compliance, AML or operational risks are identified, mitigated, monitored and reported on an ongoing basis.
Supports multiple, similar business units with corresponding number of regulators.
Assists with the implementation of risk management programs/ frameworks while identifying and minimizing negative impacts to the business.
Develops and implements risk mitigation strategies.
Acts as a subject matter expert in the evaluation, development and implementation of an internal control system.
Supports the execution of strategic initiatives in collaboration with internal and external stakeholders.
Builds effective relationships with internal/external stakeholders.
Ensures alignment between stakeholders.
Breaks down strategic problems, and analyses data and information to provide insights and recommendations.
Monitors and tracks performance, and addresses any issues.
Builds change management plans of varying scope and type; leads or participates in a variety of change management activities including readiness assessments, planning, stakeholder management, execution, evaluation and sustainment of initiatives.
Monitoring to ensure that 1st line jobs are following defined processes and procedures.
Develops, documents and maintains business/group procedures updating and obtaining approvals as regulations or the operating environment changes and communicates changes to the business/group & relevant stakeholder groups.
Supports the development of measurable sustainment strategies including assessing and recommending mitigations for industry/ segment-specific risks and prioritizing opportunities presented by internal and external stakeholders.
Tracks exception/exemption requests and corresponding approvals.
Builds awareness, knowledge, and skills and, as necessary, provides communication, practical tools and ongoing support including making presentations, to promote a culture of risk identification and management.
Supports the management of 1st LOD program for the business/group in compliance with appropriate principles, standards & direction from the second line of defense groups. Includes developing and promoting program and ensuring the execution of all program components.
Works with assigned business/group leaders to implement 1st LOD programs and frameworks, developing and maintaining an in-depth understanding of the applicable regulatory and internal risk management requirements. Interprets and provides advice on the application of the requirements for the business/group.
Develops and maintains an understanding of the business/group strategies and objectives, products and services, internal and external stakeholders and business processes as well as the underlying infrastructure to identify and manage implications and risk exposures for the business/group.
Identifies, investigates, analyzes, documents & mitigates program risks, taking into account jurisdictional issues, and raises any issues or concerns to senior leaders and other stakeholders.
Analyzes the impact and effectiveness of the program through periodic reviews.
Recommends adjustments to the overall program, policy or processes within the business/group in accordance with the Risk Appetite Statement, Governance and Corporate Policy.
Supports the business/group through internal/external audits or regulatory examinations and assists in development of action plans to resolve any identified issues.
Provides support to the development and delivery of training and awareness programs within the business/group to increase awareness of and compliance to risk management requirements.
Focus is primarily on business/group within BMO; may have broader, enterprise-wide focus.
Exercises judgment to identify, diagnose, and solve problems within given rules.
Works independently on a range of complex tasks, which may include unique situations.
Broader work or accountabilities may be assigned as needed.
Min of 1 to 2 years of experience in any of the 3 areas: IT Audit, Financial Audit, or Operational Audit
Auditors with background in the Accounting firms, preferably Big 4 with Financial Audit or IT Audit.
Internal Auditors with experience in large companies or financial institutions : Financial audit, Operational audit (in a financial institutions in the areas of , wealth, capital markets, retail banking), or IT Audit
Preferably, 2-3 years experience in Information Security management processes and methodology
Candidates with background in technology or risk management processes may also be considered
Experience with providing subject matter expertise in the interpretation and deployment of key Industry standards and regulatory requirements
Experience with playing a key role in the review, ongoing assessment and testing of IS/IT controls. This includes test preparation, test execution, providing recommendations and reporting on the status of the identified gaps / issues as well as providing input for regulatory reporting and audit queries
Experience with contributing effectively and proactively as well as developing, consolidating, analyzing, recommending, and reporting of findings
Experience with ensuring testing lifecycles are implemented in a timely & consistent manner
Intermediate experience with MS Excel and all MS Office Suite of products
Typically between 4 - 6 years of relevant experience and post-secondary degree in related field of study or an equivalent combination of education and experience.
Program Management - Good.
Technical proficiency gained through education and/or business experience.
Verbal & written communication skills - In-depth.
Collaboration & team skills - In-depth.
Analytical and problem solving skills - In-depth.
Influence skills - In-depth.
Data driven decision making - In-depth.
We’re here to help
At BMO Harris Bank we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.
As a member of the BMO Harris Bank team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.
To find out more visit us at https://jobs.bmoharris.com.
BMO Harris Bank is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. BMO Harris Bank N.A. is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.
BMO Financial Group Serving customers for 200 years and counting, BMO is a highly diversified financial services provider – the 8th largest bank, by assets, in North America. With total assets of $728 billion as of October 31, 2018, and a team of diverse and highly engaged employees, BMO provides a broad range of personal and commercial banking, wealth management and investment banking products and services to more than 12 million customers and conducts business through three operating groups: Personal and Commercial Banking, BMO Wealth Management and BMO Capital Markets.We serve Canadian clients through BMO Bank of Montreal®, our personal and commercial banking business, BMO Nesbitt Burns®*, one of Canada's leading wealth management firms, and BMO Capital Markets™, our North American investment and corporate banking division.In the United States, clients are served through BMO Harris Bank, a major U.S. Midwest personal and commercial bank, and BMO Private Bank, with wealth management offices across the United States, as well as BMO Capital Markets™, our North American investment and corporate banking division.We help our customers make money make sense by delivering the broadest range of financial services through a single point of contact. Our financial service professionals provide access to any services our customers require across the entire enterprise.