Lead, Digital Risk and Compliance (Contract)

Posted 4 days ago

Job Details

Part Time

Location

Job Description

Location: Vancouver, BC, Canada
Employment Type: Contractor
Workplace Type: Hybrid

About our Vancouver Office

Located in the heart of downtown Vancouver, between the Pacific Ocean and the Coast Mountains, Teck's Corporate Office sits in one of Canada's most culturally diverse cities.

Surrounded by world-renowned nature and globally inspired cuisine, the office brings together many of Teck's corporate functions - all working toward Teck's purpose of providing the essential resources the world relies on.

Role Overview

Working with the Manager, Digital Risk & Compliance, the Lead will help maintain the three lines of defense model for risk control in the Risk and Regulatory Oversight group. They will operate as a 2nd line of defense coordinator and regularly interact with the 1st line of defense. This person will develop and maintain relationships with appropriate parties to support the Manager in achieving the enterprise's plan for managing digital risks and regulatory alignment. The Lead Digital Risk is the custodian of the IT General Controls (ITGC) Matrix and accountable for keeping it maintained. This includes leading audit remediation efforts for the IT function at Teck and staying informed about changes in governing laws, regulatory requirements, and standards.

This is an initial 12-month contract to start with strong possibility of extension based on program needs.

Develop your career with one of Canada's Top 100 Employers and join our team!

Responsibilities

Build and maintain compliance governance

Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
Develop and implement IT compliance programs, standards, and policies
Monitor and report on alignment with regulatory requirements and industry standards (e.g. PIPEDA, GDPR, NI52-109, Sarbanes-Oxley)
Maintain Teck's IT General Control (ITGC) Matrix for SOX purposes working with control owners and control performers to design improvements as appropriate
Lead annual ICFR system prioritization activities for IT
Support the implementation of technology governance, risk management, and compliance frameworks
Maintain and improve IT Policies and Standards to ensure they remain current, effective, and address relevant risks and compliance requirements
Define and maintain standards, procedures, and guidelines for activities involving the supervision and reporting of compliance using relevant tools
Stay up-to-date with changes in laws, regulations, and sector guidelines, and incorporate them into the company's compliance framework

Support development of new products and platforms

Deliver specialized knowledge related to digital risk oversight and governance in technology projects and initiatives (risk profiles may include security, availability, compliance, etc.) and translate compliance requirements into actionable tasks
Work with collaborators to implement, operationalize, and mature digital risk and coordinated risk management solutions

Perform compliance monitoring and reporting activities

Conduct compliance audits and assessments, identifying gaps and recommending corrective actions
Coordinate and provide updates on compliance and risk mitigation activities, identify remediation actions as necessary, and raise critical risk issues to senior management
Work with interested parties to develop and implement controls and perform risk assessments based on established controls and/or frameworks
Build path-to-compliance roadmaps alongside control owners to improve compliance and risk posture
Track audit finding remediation progress and prepare quarterly status updates

Collaborate with compliance partners

Support Assurance & Advisory to coordinate, carry out, and assess IT compliance audits
Support Teck's external auditors in prioritizing, carrying out, and assessing compliance audits
Collaborate with Finance's Management Controls and Compliance Group to prepare compliance audit reports to the Audit Committee
Collaborate with Legal, Assurance & Advisory, external auditors, and other groups to ensure comprehensive compliance coverage

Partner with Digital Risk & Compliance Team

Develop and operationalize a comprehensive risk assessment process which captures input from relevant collaborators
Develop risk registers which integrate with the company's ERM framework
Ensure that the organization's risk, including cyber risks, are understood and that business assets (e.g. data, hardware, software, systems, facilities, services, people) are identified and managed appropriately relative to their importance to organizational objectives and risk management strategy
Find opportunities to improve digital risk and compliance processes, ensuring they are streamlined and aligned with the latest industry standards and new technologies
Assist in managing digital risk incidents, ensuring swift response and thorough investigation
Prepare and present incident reports to leadership teams, providing insights into root causes and remediation plans
Act as a champion for promoting a risk-aware culture within the organization, encouraging proactive identification and mitigation of risks

Provide regular Digital Risk & Compliance awareness training

Prepare compliance reports for senior management and regulatory bodies
Develop and deliver training programs on risk management, compliance, and policy awareness to relevant teams and departments

Qualifications

10+ years of relevant experience in organizational controls, risk evaluation, and policy conformity and/or IT skills with high level of information security, risk management or IT Audit experience
Experience leading governance, risk management, and compliance assessment, improvement, maturity, and sustainment efforts
Knowledge of risk management models and regulatory practices in digital security
Knowledge and understanding of compliance guidelines with respect to cloud infrastructure and application security
Understanding of common security standards, control frameworks, regulations, and standards such as COBIT5, NIST CSF, ISO 270001, CIS Controls, SOC2, ISO 31000
Experience performing information security audits or risk assessments
Ability to manage and communicate within a matrix environment effectively
Effective interpersonal, communication, and presentation skills
Diligent and strong analytical skills

Certifications & Training

Information security related training or certifications such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certification in Risk Management Assurance (CRMA)
Preferred qualifications include a degree in technology, management, cybersecurity, or business, or relevant equivalent experience

Pay Range:

The actual amount offered is determined based on the successful candidate's relevant experience, skills, and competencies and considers internal equity.

Why Teck

At Teck, your work matters-to the world, to our communities and to your future.

As a leading Canadian resource company, we focus on responsibly providing the metals essential for global development and the energy transition while caring for the people, communities and land that we love. We do this guided by our values that, together, form The Teck Way . At Teck, you'll find purpose-driven work, a culture of respect and inclusion, and the opportunity to grow your career while helping build a better world.

Apply with us

Take the next step in your career by applying for theLead, Digital Risk and Compliance (Contract) role. We review applications on a rolling basis and encourage you to apply, even if your background doesn't match every requirement. We value diversity and are committed to an inclusive, barrier-free hiring process. Reasonable accommodations are available upon request.

Requisition ID: 53334| Job Category:Technology | Employment Type: Contractor | Location: Vancouver | Workplace Type: #LI - Hybrid

About Teck Resources

Teck is Canada’s largest diversified resource company, committed to responsibly providing products that are essential to building a better quality of life for people around the world. Our business units focus on steelmaking coal, a critical ingredient in steel production; zinc, used to galvanize and protect metals; copper, essential for electronics, power generation and transmission; and energy, necessary to meet growing global demand. Headquartered in Vancouver, British Columbia (B.C.), Canada, we own or have interests in 12 operating mines, one large metallurgical complex, an oil sands mining and processing operation, and several major development projects in North and South America. We offer opportunities across a wide range of activities related to exploration, development, mining and minerals processing, including smelting and refining, health and safety, environmental protection, materials stewardship, recycling and innovation and technology. Our people are our greatest resource. Teck was built by people with vision, creativity and ideas. Join the Teck team and become a part of that long tradition.