You're using an older version of Internet Explorer that is no longer supported. Please update your browser.

Senior Manager, Enterprise Business Continuity Management Risk

Toronto, ON
Full Time
2 days ago
100 King Street West

Job Family Group:

Audit, Risk & Compliance

If you're looking for your next dream job, consider this one in BMO's ERPM Risk group where every colleague helps protect and grow the bank by providing independent review and oversight of enterprise-wide risks, working together to maintain a risk management framework and fostering a strong risk culture. #ERPMDreamJobs

Senior Manager, Enterprise Business Continuity Management Risk (EBCMR), ensures that an auditable Business Continuity Management (BCM) risk framework which supports the Bank's Operational Resilience strategy, consistent with regulatory requirements across jurisdictions in which the Bank operates is developed, maintained and adhered to across the Enterprise. EBCMR provides oversight, monitoring and reporting on BCM Risk, including maintenance of the BCM Risk Directive; working with stakeholders to implement metrics and program standards to ensure compliance as well as effective monitoring, timely reporting and identification of remediation action plans. As the second line, BCM Risk Specialty Area (RSA), deliver and integrate all components of an effective governance framework for EBCM Risk Oversight.

Oversees, monitors, and reports on information and technology risks for a designated portfolio. Develops and monitors the risk management and governance framework and practices leveraged across BMO to manage information and technology risks. Develops and monitors adherence to policies, standards, methodologies, and controls that increase transparency, accuracy, and consistency across groups. Works with stakeholders to implement the methodology, metrics, and program standards for the assigned portfolio to ensure compliance, effective monitoring, timely reporting, and identify action plans.
  • Ensure the ongoing alignment of the BCM Risk Framework and governance processes with the requirements of the Operational Non-Financial Risk Management Framework (ONFRMF).
  • Review and challenge first line BCM Centre of Excellence (COE) team, Global Continuity and Crisis Management (GCCM), consistent with the ONFRMF Guiding Principles and associated Guidance for the BCM Program, data and reporting as well as the inventory and assessment of controls related to BCM.
  • Fosters a culture aligned to BMO purpose, values and strategy and role models BMO values and behaviours in all that they do.
  • Ensures alignment between values and behaviour that fosters diversity and inclusion.
  • Regularly connects work to BMO's purpose, sets inspirational goals, defines clear expected outcomes, and ensures clear accountability for follow through.
  • Builds interdependent teams that collaborate across functional and operating groups to create the highest value for all stakeholders.
  • Improves team performance, recognizes and rewards performance, coaches employees, supports their development, and manages poor performance.
  • Provides strategic input into business decisions as a trusted advisor.
  • Makes recommendations to senior leaders on strategy and new initiatives based on an in-depth understanding of the business/group.
  • Acts as a subject matter expert on relevant regulations and policies.
  • May network with industry contacts to gain competitive insights and best practices.
  • Interprets new regulations and assesses impacts to the governance framework.
  • Develops reports on the status of the governance program or framework components to various internal and external stakeholder audiences.
  • Influences and negotiates to achieve business objectives.
  • Identifies emerging issues and trends to inform decision-making.
  • Researches existing or emerging requirements and related best practices to develop recommendations for changes/enhancements.
  • Independently assesses the information and technology risk profile (e.g. exposures, material initiatives, systems issues or weaknesses in the control structure) for the assigned portfolio.
  • Recommends business priorities, advises on resource requirements and develops roadmap for strategic execution.
  • Manages resources and leads the execution of strategic initiatives to deliver on business and financial goals.
  • Measures the effectiveness of risk governance system and framework; recommends changes as required.
  • Conducts independent analysis and assessment to resolve strategic issues.
  • Leads the development and maintenance of the governance system and framework.
  • Ensures alignment between stakeholders.
  • Represents the risk program / governance structure during internal/external regulatory audits and/or examinations.
  • Acts as the prime subject matter expert for internal/external stakeholders.
  • Coordinates the management of databases; ensures alignment and integration of data in adherence with data governance standards.
  • Designs and produces regular and ad-hoc reports, and dashboards.
  • Develops and manages comprehensive information management systems; designs and/or leads initiatives to improve processes, analysis and reporting.
  • Leads change management programs of varying scope and type, including readiness assessments, planning, stakeholder management, execution, evaluation and sustainment of initiatives.
  • Leads the development of the communication strategy focusing on positively influencing or changing behaviour.
  • Leads the execution of operational programs; assesses and adapts as needed to ensure quality of execution.
  • Manages the review and sign-off process for relevant regulatory reporting.
  • May provide specialized support for other internal and external regulatory requirements.
  • Leads/participates in the design, implementation and management of core business/group processes.
  • Administers and maintains technology and information security and management risk program activities adhering to applicable policies, procedures, and established processes.
  • Reviews new business initiatives and monitors existing initiatives to identify potential risk situations/ impacts; makes recommendations or escalates as per guidelines.
  • Identifies potential risk situations / impacts and makes recommendations or escalates.
  • Provides advice and guidance to assigned business/group on implementation of the risk framework, including effective challenge.
  • Coordinates and participates in the execution of oversight/governance activities including reporting; assessment of education & training needs, development/delivery of training; development and execution of regulatory administration processes & procedures.
  • Consults with stakeholders to improve consistency and transparency of risk measurement, metrics and reporting.
  • Supports the development and maintenance of the governance system and framework including supporting policy/standard/operating procedures lifecycle management, education and training assessments.
  • Builds effective relationships with internal/external stakeholders e.g. business stakeholders and corporate support areas to provide second line of defense information and technology risk management support.
  • Manages databases and provides support for analysis, forecasting and/or data visualization, ensuring adherence with data governance standards.
  • Analyzes data and information to provide insights and recommendations; includes identification of risk impacts for new processes and workflows related to initiatives.
  • Maintains tools and templates for information and technology risk programs and standards e.g. Risk Control Self Assessment (RCSA), Sarbanes-Oxley (SOX), business continuity planning standards and policies for internal and third-party solution development.
  • Develops and maintains in-depth knowledge of business and related risk management requirements and legislative/ regulatory directives and guidance.
  • Builds effective relationships with internal/external stakeholders.
  • Analyzes data and information to provide insights and recommendations.
  • Operates at a group/enterprise-wide level and serves as a specialist resource to senior leaders and stakeholders.
  • Applies expertise and thinks creatively to address unique or ambiguous situations and to find solutions to problems that can be complex and non-routine.
  • Implements changes in response to shifting trends.
  • Broader work or accountabilities may be assigned as needed.

  • Typically 7+ years of relevant experience and post-secondary degree in related field of study or an equivalent combination of education and experience.
  • Degree in Information Technology, Computer Science, Business Administration, or related field of study preferred.
  • Industry certification in one or more of the following: BCI, PMI, DRII, CCSA, CISA, CA, CCSP, ISC, ITIL, etc.
  • In-depth / expert knowledge of Business Continuity Management practices and protocols, including in-depth knowledge of international BCM standards promoted by BCI, DRI and ISO.
  • In-depth / expert knowledge of regulatory requirements (e.g., FFIEC Business Continuity, etc.)
  • In-depth / expert knowledge of information and technology risk management practices.
  • In-depth / expert knowledge of the designated business / product portfolio.
  • In-depth / expert knowledge and experience with risk policy frameworks; quality control / testing frameworks.
  • Seasoned professional with a combination of education, experience and industry knowledge.
  • Verbal & written communication skills - In-depth / Expert.
  • Analytical and problem solving skills - In-depth / Expert.
  • Influence skills - In-depth / Expert.
  • Collaboration & team skills; with a focus on cross-group collaboration - In-depth / Expert.
  • Able to manage ambiguity.
  • Data driven decision making - In-depth / Expert.

We're here to help

At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.

As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one - for yourself and our customers. We'll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we'll help you gain valuable experience, and broaden your skillset.

To find out more visit us at .

BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other's differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.

Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.