Analyst (RE-04), Technology Risk Division

Important messages

We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.

Assessment accommodation

NOTE: If you have applied to the Analyst (RE-04), Technology Risk Division reference number: SIF21J-018925-000481 and selection process number: 21/22-SIF-EA-7355, please note that your previous results may be applied to this process, as the assessment tools have not changed.

VACCINATION REQUIREMENT:
On October 6, 2021, the Government of Canada announced details of its plans to require vaccination across the federal public service:

• https://www.canada.ca/en/treasury-board-secretariat/news/2021/10/backgrounder-covid-19-vaccine-requirement-for-the-federal-workforce.html

As per OSFI’s Policy on COVID-19 Vaccination, employees must attest to their vaccination status. The requirement for employees to be fully vaccinated applies whether they are teleworking, working remotely or working on-site. This is a condition of employment and it applies to indeterminate (permanent), determinate (term), casual, and student hiring. Should you reach the point in the selection process where it is necessary to verify terms and conditions of employment, then a human resources representative will contact you in order to complete an attestation.

LOCATION: This position is located in Toronto; however, the successful candidate may work from one of the OSFI offices across Canada (Toronto, Montreal, Ottawa, or Vancouver).

As a result of the global pandemic, OSFI employees are currently working from home. Should the current telework environment no longer apply, and contingent on the operating model adopted by OSFI, you may be required to report into and work onsite from one of the following offices: Toronto, Montreal, Ottawa, or Vancouver. As our telework arrangements are evolving, we encourage you to apply.

EMPLOYMENT EQUITY:
Achieving a representative and diverse workforce has been identified as an organizational need for OSFI and may be applied at any time during this appointment process. If this criterion is used, only those who have indicated that they are members of the specified designated group(s) will be considered. As such, first consideration for an appointment may be given to candidates who self-declare as belonging to one of the four designated employment equity groups (Persons with a disability, Aboriginal people, Members of a Visible Minority, or Women).

In order to self-declare, please ensure to check off the appropriate box within the online application under the Employment Equity section. We encourage you to consult theses links to learn more about employment equity and self-declaration:

• https://www.canada.ca/en/public-service-commission/jobs/services/gc-jobs/employment-equity.html
• https://www.canada.ca/en/public-service-commission/jobs/services/gc-jobs/applying-government-canada-jobs-how-to-apply.html#EE

Duties

OSFI’s Technology Risk Division is seeking a highly motivated individual to join their team in the role of Analyst. The Analyst will provide technology and cyber risk expertise in identifying Federally Regulated Financial Institutions (FRFI) specific risks, industry-wide risks and/or sector specific trends and developments related to technology and cyber risks that may impact a FRFI’s operational resilience. Expertise includes technology crisis reporting, cyber incident response and thorough understanding and assessments of threats to any process or function that involves systems, data, infrastructure, networks, cyber security and digital technology impacting Deposit-taking Institutions, insurers and pension plans.

The RE-04 Analyst role involves:
• Effectively contributing to conducting technology and cyber risk assessments for FRFIs.
• Executing assessment work and special reviews, collaborating closely with Lead Supervisors in the assessment of controls, risk measurement and analysis of FRFIs
• Contributing to technology and cyber risk assessment work that supports effective risk management practices at FRFIs.
• Supporting and/or participating in onsite and/or desk examinations for the assessment of technology and cyber risk in FRFIs.
• Conducting approved assessments and analysis of defined risk practices; document findings, observations and reporting requirements; and contribute to the formulation of recommendations.
• Ensuring documentation is appropriately maintained; findings and recommendations are relevant, and that results are objectively supported.
• Assisting in the monitoring of FRFIs by analyzing operating reports and raising significant changes and results to the Lead Supervisor.
• Conducting research into current and emerging trends and matters of interest, particularly in the context of relevant risk area, to increase depth of technical knowledge and value add in the review and assessment of risk, and risk management practices within FRFIs
• Maintaining effective relationships with FRFIs to facilitate the exchange of information, assess trends and developments and to promote support for OSFI’s supervisory mandate.
• Providing observations and recommendations for improving and strengthening the application of OSFI’s Supervisory Framework in a defined context.

Work environment

Who we are:
The Office of the Superintendent of Financial Institutions (OSFI) is an independent agency of the Government of Canada, established in 1987 to contribute to the safety and soundness of the Canadian financial system. OSFI supervises and regulates federally registered banks and insurers, trust and loan companies, as well as private pension plans subject to federal oversight.

What OSFI offers:
OSFI is a separate agency that offers a competitive salary and eligibility for performance pay annually. People are the foundation of our organisation. You will become part of a diverse community that acknowledges everyone has varied experience and fosters an environment where communication and teamwork amplify our effectiveness. Working at OSFI offers the following:

Mandate:
The work you do at OSFI matters. Your efforts contribute to the safety and soundness of the Canadian Financial Sector. A strong financial sector promotes competition, and benefits all Canadians.

Learning & Development:
Our organisation understands that ongoing learning and development is critical and necessary, and must evolve with developments in the Financial Sector. Learning and Development is a component of our Human Capital Strategy.

Community & Culture:
We strive to create a working environment that allows employees to work to their fullest potential. We strive to promote employee wellbeing, including a focus on balancing work and personal needs. Where available, we offer opportunities for flexible working arrangements.

Benefits:
As a Federal Government Agency, OSFI offers a number of competitive benefits to its employees, including a Defined Benefit Pension Plan, maternity and parental leave benefits, vacation (4 weeks), personal and family leave days.

Who you are:
You should possess the following attributes:
• You are an individual with a broad financial industry and risk management perspective.
• You are keenly interested in contributing your expertise to promote a safer financial system.
• You have sound knowledge of the current and emerging risks in the financial services industry.
• You understand the techniques used in the measurement, monitoring and management of current and emerging risks.
• You work well with others.
• Your critical thinking skills help to inform your decision-making.

Intent of the process

A pool of qualified or partially qualified candidates may be created to staff similar or identical positions with various linguistic profiles and requirements, security profiles and/or various tenures within the Office of the Superintendent of Financial Institutions, which may vary according to the position being staffed.

Positions to be filled: 1

Information you must provide

Your résumé.

In order to be considered, your application must clearly explain how you meet the following (essential qualifications)

ESSENTIAL EDUCATION
• A degree or diploma from a post-secondary institution with specialization in information technology, information security, computer science, engineering, commerce, business, finance, economics, mathematics or other relevant field OR an acceptable combination of relevant professional industry experience and education.

Degree equivalency

ESSENTIAL EXPERIENCE
• Recent and significant experience related to technology risk management and/or cyber risk in one of the following areas: Business or Technology Operations, system/data analysis, risk management, or a related control function (i.e. information security, business continuity, disaster recovery, operational risk or internal/external audit e.g. application audit, cyber security audit, IT governance, operational or technical risk audit).

If you possess any of the following, your application must also clearly explain how you meet it (other qualifications)

In addition to the Essential Qualifications identified above, please provide details if you possess one or more of the following Asset Education and Asset Experience criteria identified below.

ASSET EDUCATION
• A graduate degree from a post-secondary institution.
• One or more of the following designations/certifications: GIAC Certified Incident Handler (GCIH), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), Cloud Security Certification (CCSP), or other relevant designations.

Degree equivalency

ASSET EXPERIENCE
You may be required to meet a combination of any of these asset experience criteria:
• Recent and significant experience related to technology risk management and/or cyber risk in the financial services industry* in one of the following areas: Business or Technology Operations, system/data analysis, risk management, or a related control function (i.e. information security, business continuity, disaster recovery, operational risk or internal/external audit e.g. application audit, cyber security audit, IT governance, operational or technical risk audit).
• Recent and significant experience related to technology risk management and/or cyber risk in two of the following areas: Business or Technology Operations, system/data analysis, risk management, or a related control function (i.e. information security, business continuity, disaster recovery, operational risk or internal/external audit e.g. application audit, cyber security audit, IT governance, operational or technical risk audit).
• Recent and significant experience within the Federal Public Service
• Recent participation in cyber security incident handling (detection, monitoring, analysis and recovery).
• Recent experience in performing cyber security trend analysis.

*Financial services industry includes experience working in a financial institution, including banks, insurance companies, pension funds, wealth management firms, and accounting firms (dealing with audits), as well as government departments that directly deal with the supervision and regulation of these institutions, or other relevant areas.

The following will be applied / assessed at a later date (essential for the job)

English essential

Information on language requirements

ESSENTIAL KNOWLEDGE
• Knowledge of current and/or emerging technology or IT risks, issues or trends facing financial institutions.
• Knowledge of current and/or emerging information risks in financial institutions.
• Knowledge of current and/or emerging cyber security risks in financial institutions.

ESSENTIAL COMPETENCIES
• Critical thinking
• Service Orientation
• Developing Myself
• Results Orientation
• Excellent Written Communication Skills
• Excellent Oral Communication Skills

The following may be applied / assessed at a later date (may be needed for the job)

ASSET KNOWLEDGE
• Knowledge of data science and analytic techniques (modeling, machine learning and artificial intelligence applications).
• Knowledge of technology risk, innovative FinTech products and/or cyber risk as they relate to the financial services industry.
• Knowledge of current and emerging business and environmental trends/issues as they relate to the financial services industry.
• Knowledge of the banking and/or insurance sectors including key products and functions, and the information and techniques used in their measurement and management.
• Basic understanding of OSFI’s Supervisory Framework.

ASSET COMPETENCIES
• Impact and Influence
• Collaboration
• Professional Judgement
• Building Business Relationships
• Values and Organizational Commitment

ORGANIZATIONAL NEEDS
OSFI is committed to having a skilled and diverse workforce representative of the Canadian population. In order to meet our employment equity objectives, selection for this position may be made from among qualified candidates who self-declare as belonging to one of the following Employment Equity groups: Persons with a disability, Aboriginal people, Members of a Visible Minority, or Women. OSFI is committed to diversity and inclusion and we strongly encourage candidates to self-declare if they belong to one of these designated employment equity groups.

Conditions of employment

Security – Reliability

Willingness and ability to travel domestically

In our current telework environment, the ability to work remotely from home within Canada with access to Internet in one’s residence is a condition of employment.

All employees of the Office of the Superintendent of Financial Institutions (OSFI) are required to be fully vaccinated against COVID-19 unless accommodated based on a medical contraindication, religion, or another prohibited ground for discrimination as defined under the Canadian Human Rights Act.

Other information

The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply.

Information on employment equity

OSFI is a separate agency with its own classification and compensation system. OSFI's staffing is subject to the Public Service Employment Act (PSEA).

Internal employees of OSFI at the same group and level may be considered and offered a deployment or assignment before considering other applicants.

An assignment/secondment or an acting appointment requires approval of your supervisor.

For this selection process, it is our intention to communicate with candidates via email. Candidates must include a valid email address in their application. It is the candidate’s responsibility to ensure accurate information is provided and updated as required. As a result you must update your personal information on your Public Service Resourcing System profile if it changes.

Note that you should be ready to provide proof of your education credentials if requested as part of the staffing process.

RESUMES:
Applicants must clearly demonstrate using sufficient details, how they meet the education and experience factors listed under the essential qualifications, as well as any of the asset qualifications that are applicable, including timelines of when this experience was gained (please indicate month and year). Lack of DETAILS may result in your application being rejected as the Assessment Board may have insufficient information to determine whether you meet the qualifications.

SCREENING QUESTIONS (if applicable):
It is the responsibility of the candidate to clearly outline that they meet each of the screening criteria (i.e. Education and Experience Qualifications, both Essential and Assets) by RESPONDING TO THE SCREENING QUESTIONS IN THE ONLINE APPLICATION. Please note that it is not sufficient to only state that the requirement is met or to provide a listing of current responsibilities, rather the candidate must provide concrete examples that illustrate how they meet the requirement. Your resume will be used to validate the answers provided; therefore, it should also contain sufficient details regarding your education and experience.

ASSESSMENT:
Your application may be used to assess written communication.

Assessments may be conducted virtually through email, telephone and/or videoconference. It is the candidate’s responsibility to ensure that their computer and mobile equipment is in working condition before starting an assessment.

REFERENCE CHECKS/PERFORMANCE REVIEWS:
As part of the assessment, reference checks may be sought and candidates may be required to submit their performance reviews. For internal candidates of the Public Service, the Assessment Committee reserves the right to contact the internal candidates’ current manager(s).

The following options may be used at any stage of the selection process in the determination of those to be given further consideration: random selection, top down selection, or meeting any asset qualifications.

The client organization will accept applications on-line only. All job applications must therefore be submitted through the Public Service Resourcing System. To submit an application on-line, please select the button 'Apply online' below. Persons without Internet access may also review jobs open to the public through INFOTEL at 1-800-645-5605.

Applicants with disabilities: If you require special accommodation at any stage in the selection process, including technical aid to ensure an equitable assessment of your qualifications, please inform us by sending an e-mail to the following address .

Preference

Preference will be given to veterans first and then to Canadian citizens and permanent residents, with the exception of a job located in Nunavut, where Nunavut Inuit will be appointed first.

Information on the preference to veterans

We thank all those who apply. Only those selected for further consideration will be contacted.