Managing Director (REX-08), Technology Risk Division

Important messages

We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.

Assessment accommodation

If you have a limitation that may impact your performance at any steps of the assessment process (such as submitting the application, written test or an interview), you may request an accommodation. Assessment accommodations are designed to remove barriers, and to ensure that candidates with limitations can fully demonstrate their abilities. Should you wish to be accommodated, please direct your inquiry to the contact identified at the bottom of this poster. All information received in relation to accommodation will be kept confidential.

*If you have previously applied for the Managing Director (REX-08), Technology Risk Division selection process 22/23-SIF-IA-8001 (Reference number: SIF22J-038896-00002), you do not need to reapply to this process.

VACCINATION REQUIREMENT:
On October 6, 2021, the Government of Canada announced details of its plans to require vaccination across the federal public service:

• https://www.canada.ca/en/treasury-board-secretariat/news/2021/10/backgrounder-covid-19-vaccine-requirement-for-the-federal-workforce.html

As per OSFI’s Policy on COVID-19 Vaccination, employees must attest to their vaccination status. The requirement for employees to be fully vaccinated applies whether they are teleworking, working remotely or working on-site. This is a condition of employment and it applies to indeterminate (permanent), determinate (term), casual, and student hiring. Should you reach the point in the selection process where it is necessary to verify terms and conditions of employment, then a human resources representative will contact you in order to complete an attestation.

POSITION LOCATION:
This position is located in Toronto.
As a result of the global pandemic, OSFI employees are currently working from home. Should the current telework environment no longer apply, and contingent on the operating model adopted by OSFI, you may be required to report into and work onsite from the Toronto Office. As our telework arrangements are evolving, we encourage you to apply.

EMPLOYMENT EQUITY:
Achieving a representative and diverse workforce has been identified as an organizational need for OSFI and may be applied at any time during this appointment process. If this criterion is used, only those who have indicated that they are members of the specified designated group(s) will be considered. As such, first consideration for an appointment may be given to candidates who self-declare as belonging to one of the four designated employment equity groups (Persons with a disability, Aboriginal people, Members of a Visible Minority, or Women).

In order to self-declare, please ensure to check off the appropriate box within the online application under the Employment Equity section. We encourage you to consult theses links to learn more about employment equity and self-declaration:

• https://www.canada.ca/en/public-service-commission/jobs/services/gc-jobs/employment-equity.html
• https://www.canada.ca/en/public-service-commission/jobs/services/gc-jobs/applying-government-canada-jobs-how-to-apply.html#EE

Duties

The Managing Director will be responsible for overseeing the Technology Risk Division (TRD), which is responsible for the supervision of technology risk as it pertains to the financial services industry in Canada including cyber and information security, in-house and third party fintech developments, technology risk management including governance, and organizational resilience to cyber disruption. This position forms part of a larger focus for OSFI on non-financial risks of the financial institutions it regulates. This area of specialised IT risk management will be responsible for supervisory risk assessments (technology and cyber risks) including assessment of cyber risk events in federally regulated financial institutions (FRFIs), advising OSFI Senior Management, internal stakeholders and other regulatory agencies/authorities as appropriate, and will work collaboratively across OSFI on broader strategic initiatives. This is an exciting opportunity for the successful candidate given OSFI’s direct involvement in the development of Canada’s broader initiatives pertaining to technology and cyber risk.

The successful candidate will possess varied and solid experience in the financial services industry and an in-depth understanding of current business issues and trends in the technology environment. Developing, coaching, and leading staff (at all levels, including Executive) is a key responsibility of this position.

Work environment

Our Role:
OSFI is an independent federal government agency that regulates and supervises more than 400 federally regulated financial institutions and 1,200 pension plans to determine whether they are in sound financial condition. In fulfilling its mandate, OSFI supports the government's objective of contributing to public confidence in the Canadian financial system.
Learn more about us 👉 https://youtu.be/QO_3vnPKuZI

Our People and Culture:
People are the foundation of our organization. You will become part of a diverse community that acknowledges everyone has varied experience and fosters an environment where communication and teamwork amplify our effectiveness. We have several networks dedicated to ensuring that the department continues to grow as an inclusive, accessible, respectful and diverse workplace. All employees are encouraged and welcome to join the following networks and participate in their activities and events.
• Diversity of Thought
• Family Responsibilities
• Gender
• LGBTQ2IS
• Mental Health and Accessibility
• Multiculturalism (Affinity Groups: Indigenous, Asian, Black)
• Unconscious Bias
Hear about our people 👉 https://youtu.be/diUspmpYWQI

Our Rewards:
💵 Compensation: OSFI offers a competitive salary, and employees may be eligible for in-range increases and economic adjustments. Salaries are based on qualifications, experience and knowledge. The Public Service Pension Plan is a defined benefits pension plan (indexed for inflation), where both the employer and the employee contribute.

💰 Performance Pay: OSFI employees are eligible for an annual bonus based on their performance throughout the year.

✈️ Vacation and Leave: OSFI employees start with 4 weeks of paid vacation, 2 personal days and 5 days of Family Related Leave with Pay among other various types of paid and unpaid leave.

💻 Flexible Work Arrangements: OSFI offers flexible work arrangements by providing support for compressed work week schedules, flexible work hours and teleworking, in order for employees to achieve their work objectives while achieving balance between work and homelife.

📖 Learning and Development: OSFI offers career advancement opportunities and encourages innovative thinking in its work environment. Employees may be reimbursed for relevant professional association membership fees.

Intent of the process

A pool of qualified or partially qualified candidates may be created to staff similar or identical positions with various linguistic profiles and requirements, security profiles and/or various tenures within the Office of the Superintendent of Financial Institutions, which may vary according to the position being staffed.

Positions to be filled: 1

Information you must provide

Your résumé.

In order to be considered, your application must clearly explain how you meet the following (essential qualifications)

ESSENTIAL EDUCATION
• A university degree with specialization in information technology, information security, computer science, engineering, commerce, business, finance, economics, mathematics OR an acceptable combination of relevant professional industry experience and education.

Degree equivalency

ESSENTIAL EXPERIENCE
• Recent and significant experience related to technology risk management and/or cyber risk in the financial services industry* in one of the following areas: cyber resiliency, technology operations, cyber operations, cyber threat management, or a related control function with a technology or cyber focus (e.g. IT governance, technology risk audit).
• Recent and significant people leadership experience developing, coaching, and training staff.
• Demonstrated effective leadership experience in managing a team.

*Financial services industry experience is defined as experience working in one or more of the following areas: (a) financial institutions including banks, trust and loan companies, and insurance companies (b) firms dealing with audits or consulting engagements to such institutions (including reinsurance brokers) (c) technology and data companies providing services to financial institutions or linked to the delivery of financial services (d) government departments that directly deal with the supervision and regulation of these institutions (e) First Nation Institutions including: Band operations, trustees or administrators of pension plans, lending institutions or other related areas providing financial services (f) other relevant areas.

If you possess any of the following, your application must also clearly explain how you meet it (other qualifications)

In addition to the Essential Qualifications identified above, please provide details if you possess one or more of the following Asset Education and Asset Experience criteria identified below.

ASSET EDUCATION
• An MBA or one of the following designations/certifications: CA, CGA, CMA, CFA, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT) or other relevant designations.

Degree equivalency

ASSET EXPERIENCE
You may be required to meet a combination of any of these asset experience criteria:
• Recent and significant experience related to technology risk management and/or cyber risk in the financial services industry* in two of the following areas: cyber resiliency, technology operations, cyber operations, cyber threat management, or a related control function with a technology or cyber focus (e.g. IT governance, technology risk audit).
• Recent and significant experience analyzing innovative fintech products relating to key risk areas for financial institutions.
• Recent and significant experience in supervising, examining or auditing financial institutions.
• Recent experience in strategy development and implementation, change management, and partnership building.
• Recent and significant experience in technology or cyber incident management.
• Experience in a central support function (including Supervision Methods, Standards and Controls, formerly Common Supervisory Services) within financial sector regulation and/or supervision of OSFI.

*Financial services industry experience is defined as experience working in one or more of the following areas: (a) financial institutions including banks, trust and loan companies, and insurance companies (b) firms dealing with audits or consulting engagements to such institutions (including reinsurance brokers) (c) technology and data companies providing services to financial institutions or linked to the delivery of financial services (d) government departments that directly deal with the supervision and regulation of these institutions (e) First Nation Institutions including: Band operations, trustees or administrators of pension plans, lending institutions or other related areas providing financial services (f) other relevant areas.

The following will be applied / assessed at a later date (essential for the job)

English essential

Information on language requirements

ESSENTIAL KNOWLEDGE
• Knowledge of IT risk management practices and IT controls as they relate to the financial services industry, including cyber risk.
• Knowledge of current and emerging business and environmental trends/issues as they relate to the financial services industry, including fintech products and services.
• Knowledge of regulatory and supervisory practices globally as they relate to the financial services industry.

ESSENTIAL COMPETENCIES
• Leading people
• Innovation
• Transparency
• Inclusion

ESSENTIAL ABILITIES
• Ability to communicate effectively in writing
• Ability to communicate effectively verbally

The following may be applied / assessed at a later date (may be needed for the job)

ASSET KNOWLEDGE
• Knowledge of the methods, practices and approaches related to integrated planning, business coordination, performance reporting, budget administration and centralized administrative coordination.
• Knowledge of OSFI’s Supervisory Framework and assessments.
• Knowledge of the different cyber threat models including MITRE ATTACK framework.
• Knowledge of different Intelligence led Red teaming frameworks including CBEST and TIBER.
• Knowledge of cyber threat intelligence practices and different threat groups targeting the financial sector and their Tactics, techniques and procedures (TTPs)

ASSET COMPETENCIES
• Interpersonal Communication
• Growth and Development
• Critical Thinking
• Results Orientation

ORGANIZATIONAL NEEDS
OSFI is committed to having a skilled and diverse workforce representative of the Canadian population. In order to meet our employment equity objectives, selection for this position may be made from among qualified candidates who self-declare as belonging to one of the following Employment Equity groups: Persons with a disability, Aboriginal people, Members of a Visible Minority, or Women. OSFI is committed to diversity and inclusion, and we strongly encourage candidates to self-declare if they belong to one of these designated employment equity groups.

Conditions of employment

• Security –Secret
• In our current telework environment, the ability to work remotely from home within Canada with access to Internet in one’s residence is a condition of employment.
• All employees of the Office of the Superintendent of Financial Institutions (OSFI) are required to be fully vaccinated against COVID-19 unless accommodated based on a medical contraindication, religion, or another prohibited ground for discrimination as defined under the Canadian Human Rights Act.
• Agreement to be deployed into another REX position within OSFI at the same level.
• Ability and willingness to work overtime.
• Ability and willingness to travel internationally and/or domestically when required.

Other information

The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply.

Information on employment equity

OSFI is a separate agency with its own classification and compensation system. OSFI's staffing is subject to the Public Service Employment Act (PSEA).

Internal employees of OSFI at the same group and level may be considered and offered a deployment or assignment before considering other applicants.

An assignment/secondment or an acting appointment requires approval of your supervisor.

For this selection process, it is our intention to communicate with candidates via email. Candidates must include a valid email address in their application. It is the candidate’s responsibility to ensure accurate information is provided and updated as required. As a result you must update your personal information on your Public Service Resourcing System profile if it changes.

Note that you should be ready to provide proof of your education credentials if requested as part of the staffing process.

RESUMES:
Applicants must clearly demonstrate using sufficient details, how they meet the education and experience factors listed under the essential qualifications, as well as any of the asset qualifications that are applicable, including timelines of when this experience was gained (please indicate month and year). Lack of DETAILS may result in your application being rejected as the Assessment Board may have insufficient information to determine whether you meet the qualifications.

SCREENING QUESTIONS (if applicable):
It is the responsibility of the candidate to clearly outline that they meet each of the screening criteria (i.e. Education and Experience Qualifications, both Essential and Assets) by RESPONDING TO THE SCREENING QUESTIONS IN THE ONLINE APPLICATION. Please note that it is not sufficient to only state that the requirement is met or to provide a listing of current responsibilities, rather the candidate must provide concrete examples that illustrate how they meet the requirement. Your resume will be used to validate the answers provided; therefore, it should also contain sufficient details regarding your education and experience.

ASSESSMENT:
Your application may be used to assess written communication.

Assessments may be conducted virtually through email, telephone and/or videoconference. It is the candidate’s responsibility to ensure that their computer and mobile equipment is in working condition before starting an assessment.

REFERENCE CHECKS/PERFORMANCE REVIEWS:
As part of the assessment, reference checks may be sought and candidates may be required to submit their performance reviews. For internal candidates of the Public Service, the Assessment Committee reserves the right to contact the internal candidates’ current manager(s).

The following options may be used at any stage of the selection process in the determination of those to be given further consideration: random selection, top down selection, or meeting any asset qualifications.

The client organization will accept applications on-line only. All job applications must therefore be submitted through the Public Service Resourcing System. To submit an application on-line, please select the button 'Apply online' below. Persons without Internet access may also review jobs open to the public through INFOTEL at 1-800-645-5605.

Applicants with disabilities: If you require special accommodation at any stage in the selection process, including technical aid to ensure an equitable assessment of your qualifications, please inform us by sending an e-mail to the following address .

Once the appointment process is finalized, you will be notified of the results. Notifications related to this selection process, will be posted on the Public Service Resourcing System.

Preference

Preference will be given to veterans first and then to Canadian citizens and permanent residents, with the exception of a job located in Nunavut, where Nunavut Inuit will be appointed first.

Information on the preference to veterans

We thank all those who apply. Only those selected for further consideration will be contacted.