Join a Challenger
Being a traditional bank just isn’t our thing, so we challenge ourselves to get creative in providing innovative banking solutions for Canadians.
How do we get there? With a talented team of inquisitive and agile challengers that break through the status quo. So, if you’re passionate about redefining the future of banking—while having fun—this could be your next big opportunity.
Our company continues to grow, and today we serve more than 670,000 people across Canada through Equitable Bank, Canada's Challenger Bank™, and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $125 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our customers have named our EQ Bank digital platform (
eqbank.ca) one of the top banks in Canada on the Forbes World's Best Banks list since 2021.
The Work
The Cyber Risk & Governance Analyst, as part of the Information Security Governance & Third-Party Cyber risk team, is responsible for analyzing and assessing the organization's information security risks and ensuring that risk management activities are operationalized to keep the bank's Technology Risk profile within the organization’s risk appetite. This includes managing the company's risk register, ensuring that it is accurate, up-to-date, and reflective of the current risk environment. Facilitating risk identification and assessment workshops with stakeholders across the organization, recording risk information in the register and assigning risk owners to ensure timely and effective risk mitigation. Also ensures that risks are being effectively monitored and reported up to management. Additionally, this role supports the effective management of third-party cyber risks by conducting third-party cyber risk assessments. The analyst will collaborate with other technology departments, the Risk Management Group, Internal Audit, and key business stakeholders throughout the company to manage and maintain the risk register, evaluate overall information technology risk, and manage reporting on digital and technology third-party cyber risks. The analyst will also provide recommendations to enhance the organization's information security posture, assist in implementing information security policies and guidelines, and support regulatory compliance efforts. While third-party cyber risk management activities are not a primary function of this role, this role is expected to support the third-party cyber risk management activities as required.