Local Job Posting 

 

Job Opening in Vancouver Area


Current Job Postings

IT Audit Manager


We’re looking for an audit manager with a focus on information technology to lead an internal audit team who provide risk-based internal assurance services to evaluate and contribute to the improvement of governance, risk management, and internal control processes. You’ll represent the Internal Audit department and provide project and assurance leadership and direction to staff, while planning and conducting complex assurance and risk advisory engagements.
Consider joining a team who apply award-winning practices and strive to deliver innovative and leading internal audit services to their clients.
What you’ll do
As an audit manager you will:
 Plan and conduct risk based audits to evaluate the adequacy and effectiveness of risk management, control, and governance processes
 Lead and mentor the internal audit team
 Represent the department and interact with senior management
 Plan for future departmental requirements for skills, resources, and procedures, and create an environment that supports learning and renewal
Is this a good fit for you?
We’re looking for someone who can:
 Take initiative and use innovation, challenging current procedures and practices, and evaluating opportunities and improvements
 Provide mentorship and direction to staff while demonstrating ethical and professional behavior, objectivity, and an appreciation for differing perspectives
 Communicate clearly and succinctly in both oral and written form to all levels of the organization
 Understand client needs and ensure knowledgeable and timely service
Your background and experience:
 A professional accounting designation – CPA (CGA, CMA, CA) or an IT certification/designation (CISSP, CISM, or other applicable IT certifications)
 A minimum of 10 years of business experience that includes:
o at least five years of IT audit experience
o at least five years in a leadership role
 Other education and work experience will be considered, but should include:
o strong management, business analysis, and risk management expertise
o excellent written and verbal communication skills and outstanding interpersonal skills
 A CIA or CISA designation is mandatory
 Experience with IT audits is a requirement
Who are we?
At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the 2.3 million workers and 231,000 registered employers in our province.
What’s it like to work at WorkSafeBC?
It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.
Our benefits
Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.
We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.

To apply
Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.
Application deadline: July 19, 2018
Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.

Posted on June 19th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior IT Auditor | Global Risk & Advisory Services


Who we are
lululemon is a yoga-inspired technical apparel company up to big things. The practice and philosophy of yoga informs our overall purpose to elevate the world through the power of practice. We are proud to be a growing global company with locations all around the world, from Vancouver to Shanghai, and places in between. We owe our success to our innovative product, our emphasis on our stores, our commitment to our people, and the incredible connections we get to make in every community we are in.
About this team
The Global Risk & Advisory Services team are problem solvers, insight and solution generators, and trusted advisors to the business. We leverage our risk and control expertise to support risk management and to drive continuous process improvements and cost savings. We also partner with various parts of the business (Brand, Product, IT, and Finance, to name a few) and engage in open dialogue to tap into the creativity of our people and action innovative solutions.
A day in the life:
• Demonstrate an understanding of key IT and automated business processes and perform testing of the design and operating effectiveness of controls within those processes (General IT Controls and Automated Business Controls).
• Perform testing of annual compliance with Sarbanes-Oxley (SOX) regulations by working closely with management and process owners, assessing control design, and testing the operating effectiveness, of key controls.
• Plan and perform operational IT audits across information security, business and operational systems, and IT operations in accordance with the Global Risk & Advisory Services IT Audit Plan and ad-hoc business and IT requests. Such projects involve obtaining a deeper understanding of existing IT and business processes and investigation into root causes of identified risks.
• Proactively identify opportunities for IT business process improvements through execution of SOX and operational audit projects, risk assessments, thought leadership, industry knowledge and assistance of internal/external subject matter experts, and develop clear and concise recommendations to process owners and the Global IT Risk & Advisory Services Manager. Prepare formal workpapers and audit reports.
• Perform pre-implementation assessments for large-scale process/systems implementation projects.
• Contribute to building data analytics and visualization capabilities within the team for use on SOX and operational audit and advisory projects, in addition to continuous auditing/monitoring programs.
Qualifications:
• Bachelor’s degree (preferably Management Information Systems, Accounting, or Business Management). At least one of the following professional certifications: CISA, CIA, or CPA.
• Minimum 4 years IT auditing experience or a combination of auditing and information security experience (public accounting experience from a Big 4 firm is preferred).
• Knowledge/experience with data security and privacy regulations (e.g. ISO 27001, PCI DSS, GDPR).
• Effective communication and relationship-building skills, a natural affinity for being curious and inquisitive, and an ability to work with ambiguity, analyze situations and problem solve.
• Proficiency with a data analytics tool (e.g. ACL, Arbutus, Tableau, SQL queries) and continuous audting or desire to learn how to utilize data analytics.
Must haves:
• Acknowledges the presence of choice in every moment and takes personal responsibility for their life.
• Possesses an entrepreneurial spirit and continuously innovates to achieve great results.
• Communicates with honesty and kindness, and creates the space for others to do the same.
• Leads with courage, knowing the possibility of greatness is bigger than the fear of failure.
• Fosters connection by putting people first and building trusting relationships.
• Integrates fun and joy as a way of being and working, aka doesn’t take themselves too seriously.

Posted on June 1st, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Program Risk Analyst


UBC is embarking on a multi-year journey to transform its academic and administrative support processes and system environments for the entire UBC community. The Integrated Renewal Program unites previously independent projects, formerly known as Student Academic Systems Initiative (IRP), and HR Finance Renewal to replace 20- year old legacy systems. The Integrated Renewal Program vision is to transform the way UBC supports learning and research, and how UBC works, to create a cohesive, integrated, and enriched experience for students, staff, and faculty.
The Integrated Renewal Program will implement one core platform for students, faculty and staff to conduct administrative - tasks – resulting in a better user experience, a new set of tools, a new way of working, and improved reporting for informed decision-making.
This role is part of the team that will deliver an enterprise-wide solution that:

1. Supports an engaged, collaborative, and exceptional learning, research, and working environment for students, staff, and faculty.
2. Enables a cohesive alignment of practices and processes.
3. Creates a simple, intuitive, consistent user experience where we interact with confidence and ease.
4. Ensures reliable, integrated, and accessible institutional data that enables people to make informed, strategic decisions.
5. Positions UBC and its people to embrace opportunities and adapt to future needs and requirements.
6. Provides robust, secure, sustainable solutions that are fiscally responsible.

The Program Risk Analyst will oversee the management of workstream specific risks relating to the Integrated Renewal Program (IRP) by creating and implementing a Risk Management Plan, facilitating risk identification, developing risk responses, reporting on key risk indicators and status, and leveraging and improving existing risk management tools, templates, standards, and processes. This position is also responsible for developing and providing risk awareness and educational training, both in person and through documentation, to the IRP team and leadership.
ORGANIZATIONAL STATUS
The Program Risk Analyst reports to the Manager, Quality Assurance within the Integrated Renewal Program, while working closely with management and staff in the IRP workstreams, UBC IT, and other administrative and academic units.
WORK PERFORMED
- Leverage and implement IRP Risk Management Process; including but not limited to risk thresholds and definitions, methodology and process, roles, responsibility and authority, success criteria, templates, communication plans, strategy and risk breakdown structure.
- Provide subject matter expertise to the IRP Delivery Team and Leadership to inform the development of strategies and make recommendations to leadership and stakeholders with regard to risk mitigation and management.
- Develop tools and practices to identify, manage and control risks in accordance with IRP Risk Management Process.
- In partnership with the IRP Directors develop risk responses and socialize with the entire team to ensure appropriate, coordinated, timely, and agreed upon actions.
- Working with the IRP Program Team and Leadership develop strategies for managing and controlling risk.
- Act as a program champion to promote education and awareness of IRP Risk Management practice.
- Perform quantitative and qualitative risks analysis and prepare details reports on risk status and trends including strategic decision making milestones and gaps as well as next steps and proposals for mitigation.
- As the subject matter expert, partner with work streams to establish and improve appropriate key risk indicators that signal approaching risk events and report on those risk measures.
- Liaise with UBC Risk Management to create and sustain alignment with UBC risk management procedures.
- Document and maintain risk management artifacts; including, but not limited to, risk management process, risk register, risk analysis, policies, standards, directives, guidelines and procedures.
- Leverage and improve existing risk management tools, templates, standards, and processes to better enable project success and reduce setbacks caused through risk oversight.
- Collaborate with the Office of the CIO to further develop and mature the Risk Management practice at UBC and within the IRP program.
- Coordinate with the Office of the CIO on third party risk assessments performed, ensuring alignment with the IRP's Risk Management Framework and policies and procedures of UBC.
- Maintain current and detailed knowledge of risk management issues including awareness of regulations and guidance, higher education information technology industry trends and initiatives, best practices, and implementation of these practices.
- Performs other duties as required.

QUALIFICATIONS
Undergraduate degree in a relevant discipline. Bachelor's degree (or higher) in Business Administration, Commerce, Computer Science, Management Information Systems, Business Technology Management, or other relevant program preferred.
Certifications in one or more of the following are an asset: related risk management certifications (CRISC, CRM, ARM, RIMS-CRMP, PRM, PMI-RMP). A minimum of 7 years of experience, in-depth knowledge of applications and the business requirements supporting them or the equivalent combination of education and experience. Experience working with enterprise risk management frameworks, and in conducting risk assessments, planning, initiating, executing, monitoring, and reporting in a project environment.
Intermediate experience with applications and the business requirements supporting them.
Project Management experience is an asset.
UBC experience is preferred.
Advanced working knowledge of Microsoft Office tools (such as: MS Excel, Word, Outlook, PowerPoint, and Microsoft Project. Ability to demonstrate the following skills in day to day tasks:
analyze and interpret information with strong attention to detail and accuracy; exercise tact and discretion; prioritize, multi-task and work effectively under pressure to meet deadlines; work effectively independently under limited supervision and in a team environment; communicate effectively verbally and in writing; and clearly communicate issues and solutions to all levels, on both a formal and informal basis to a diverse group of audience.
High level of critical and logical thinking, analysis, and/or reasoning to identify underlying principles, reasons, or facts is an asset.
Self-motivated and adept to deal with ambiguity within and of complex concepts.
Demonstrated ability to take initiative, exercise sound judgment and resolve problems.
Core Competencies:
Collaboration:
Actively solicits ideas and opinions from others to efficiently and effectively accomplish specific objectives targeted at defined business outcomes. Openly encourages other team members to voice their ideas and concerns. Shows respect for differences and diversity, and disagrees without personalizing issues. Utilizes strengths of team members to achieve optimal performance. Communicating for Results:
Conducts discussions with and writes memoranda to all levels of colleagues and peer groups in ways that support troubleshooting and problem solving. Seeks and shares relevant information, opinions, and judgments. Handles conflict empathetically. Explains the context of interrelated situations, asks probing questions, and solicits multiple sources of advice prior to taking action when appropriate. Problem Solving:
Applies problem-solving methodologies and tools to diagnose and solve operational and interpersonal problems. Determines the potential causes of the problem and devises testing methodologies for validation. Shows empathy and objectivity toward individuals involved in the issue. Analyzes multiple alternatives, risks, and benefits for a range of potential solutions. Recommends resource requirements and collaborates with impacted stakeholders. Role Based Analytical Thinking:
Coordinates the information gathering and reporting process. Reviews trends and compares to expectations. Conducts research to define problems and prepares responses to anticipated questions. Prioritizes multiple issues and opportunities. Identifies relationships and linkages within several information sources. Anticipates issues that are not readily apparent on the surface. Identifies root causes and effects. Defines priorities within performance objectives. Reports and identifies areas that need guidance in order to resolve complex issues. Anticipates the possible outcome of potential solutions. Business Process Knowledge:
Describes and documents critical cross-functional business process flows. Applies business process re-engineering techniques and methods in analyzing process flow and accountability charts. Recommends and advocates substantive process enhancements and assesses both internal and external implications. Thoroughness:
Demonstrates operational agility. Uses organizational systems that result in multiple critical activities to be identified and completed on time. Renegotiates priorities as necessary. Puts systems in place and uses them to monitor and detect errors and problems. Tests and inspects outputs and applies quality checks prior to work submission. Thank you for your interest in the Program Risk Analyst role. The Integrated Renewal Program is a dynamic and a once-in-a-life-time endeavor which will transform the entire UBC community. If you would like to learn more about this exciting opportunity, please visit www.staffcareers.ubc.ca/29982 (Job ID: 29982) to read the full job description and to apply for this role. If you learned about the job opportunity from the ISACA Vancouver Chapter, please be sure to indicate this in your cover letter. Applications are accepted until June 4th, 2018.

Posted on June 1st, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

IT Internal Auditor


We have an opportunity for an information technology (IT) internal auditor to join our dynamic internal audit team. Reporting to the Internal Audit manager, you are responsible for the timely performance of assigned assurance and consulting services, with IT focus. Periodically, you’ll participate in non-IT audit engagements and may be designated the auditor in charge (AIC) for assurance or consulting engagements, and internal infrastructure projects.

What you’ll do
As an IT internal auditor you will:
 Perform detailed risk assessments and audits or reviews, which include, developing project plans and work programs, evaluating risks and controls, providing recommendation or advice, and communicating engagement results to clients
 Supervise and mentor staff and manage client relations when designated as AIC of engagements
 Work in a systematic and disciplined approach in accordance with department and Institute of Internal Auditors (IIA) standards, particularly, working paper and report writing standards, and ensuring that your professional development plan keeps your expertise current
 Recommend, create, and implement process improvements within the Internal Audit department

Is this a good fit for you?
We’re looking for someone who can:
 Apply internal audit techniques and concepts, and have general knowledge of risk, governance, and control frameworks (e.g., COSO, COBIT) and IT Standards (e.g., ITIL, ISO/IEC 27000)
 Provide timely, professional service to our clients, understand and anticipate their needs, and adapt responses through creative, and engaging approaches
 Use discretion and tact in handling confidential and sensitive information, and exercise considerable professional judgment regarding interpretation of issues and conflicting requirements
 Recognize and critically analyze issues, identify governance, risks and control gaps, and provide practical recommendations
 Use Microsoft Word and Excel at an intermediate level, as well as electronic working papers, flowcharting, and data analytics software
 Present information in oral and written format to all levels of the organization
Your background and experience
 A degree in business, computer science, or management information systems
 A professional certification such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or another related IT designation
 A minimum of three years of experience conducting information systems audits
 A combination of education and experience will be considered

Who are we?
At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the 2.3 million workers and 231,000 registered employers in our province.
What’s it like to work at WorkSafeBC?
It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.
Our benefits
Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.
We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.
To apply
Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.
Application deadline: June 7, 2018
Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.

Posted on May 22th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Director, Security and Privacy $86,000.00 – $112,000.00 annually
Ministry of Transportation and Infrastructure - Victoria - BC - Canada


The Ministry of Transportation and Infrastructure plans transportation networks, provides transportation services and infrastructure, develops and implements transportation policies, and administers many related acts and regulations as well as federal-provincial funding programs, including the Building Canada Fund. The Ministry opens up B.C. through innovative, forward-thinking transportation strategies that move people and goods safely, and fuel our provincial economy. Improvement of vital infrastructure is a key goal, along with enhancing the competitiveness of B.C.’s transportation industries, reducing transportation-related greenhouse gas emissions and providing B.C. with a safe and reliable highway system.
To deliver on the Ministry's mandate, the Information Management Branch supports the Ministry’s IM/IT requirements with innovative and responsive services. The Branch partners with central agencies and service providers in the provision of timely, cost effective solutions.
As the Director, Security and Privacy, you will manage the design, development and implementation of a ministry-wide information security & privacy framework.

Qualifications for this role include:
• Post-secondary degree in Computer Sciences, Information Systems or a related discipline and minimum 4 years of experience at a senior level in IM/IT security; OR,
• Post-secondary diploma in Computer Sciences, Information Systems or a related discipline and a minimum of 6 years of experience at a senior level in IM/IT security; OR,
• Post-secondary certificate in Computer Sciences, Information Systems or a related discipline or secondary school graduation and a minimum of 8 years of experience at a senior level in IM/IT security.
• 3 years’ experience managing staff.
• 3 years’ experience in managing risk from a business and technological standpoint.
• 3 years’ experience conducting security & privacy audits, or investigations.
• 3 years’ experience in security and threat risk assessments (STRA) and privacy impact assessments (PIA).
• 2 years’ experience developing and implementing IM/IT policies, standards, programs or projects related to security and privacy.
• Experience managing confidential issues with tact and diplomacy.
• Experience negotiating and managing information technology contracts.
• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or proven training towards obtaining a security certification.
• Preference may be given to applicants with the following:
• Experience developing and managing strategic and operational plans
• Experience managing contractors or project teams.
• The Open Group Architecture Framework (TOGAF) training or certification or similar certification.

For more information and to apply online by June 4, 2018, please go to: https://bcpublicservice.hua.hrsmart.com/hr/ats/Posting/view/50725

Posted on May 17th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Performance Auditor $62,000.00 - $86,000.00 annually
Auditor General for Local Government Surrey - BC - Canada


The office of the Auditor General for Local Government (AGLG) is responsible for reviewing the operations of local governments to assist them in their accountability to taxpayers and to evaluate the extent to which operations are undertaken economically, efficiently and effectively.
As a member of an audit team, you will exercise your sound analytical skills and professional judgement in undertaking performance audits and assessments of the operations of local governments. As an experienced professional, you will effectively plan, manage your time and budgets, gather audit evidence and document your work, and report audit findings and recommendations, in accordance with professional standards.
The AGLG offers a challenging, rewarding and collegial work environment. Our office consists of a team of highly skilled professionals and provides an exciting, flexible and varied work environment, and a commitment to professional learning and growth.

Qualifications for this role include:
• A bachelor’s degree combined with a recognized professional designation (e.g.: CPA, CIA, CRMA, CISA, CE) (or near completion) or equivalent education in combination with a minimum of one year (12 months within the last five years) of experience conducting performance audits or similar audit/evaluation work.
• Minimum one year (12 months within the last five years) experience in supporting the development of formal audit/evaluation plans, including identification of scope, objectives and criteria, identification and documentation of risk assessments and development of budgets and timelines for the planning and conduct of audits/evaluations.
• Minimum one year (12 months within the last five years) experience conducting audits/evaluations, including identifying, planning, conducting, and reporting on findings and recommendations in a performance audit or other audit/evaluation environment.

For more information and to apply online by May 30, 2018, please go to: https://bcpublicservice.hua.hrsmart.com/hr/ats/Posting/view/50258

Posted on May 17th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Information Technology Auditor
BC Public Service - Ministry of Finance - Victoria - BC - Canada


Bring your assurance and/or consulting expertise and sound professional judgement to this critical leadership role - Salary $72,000 - $100,000 annually Over time through performance based in-range movement employees will have the opportunity to reach the maximum of their position’s salary band.

An Auditor, Internal Audit and Advisory Services position is also available in Victoria. If you are interested please review and apply through REQ 47519.

The Ministry of Finance's Internal Audit and Advisory Services (IAAS) supports Treasury Board by providing independent and objective assurance and advisory services to support governance, accountability, performance management practices and effective financial management.

Why Work for Internal Audit and Advisory Services?
Joining IAAS is an opportunity to work on significant projects across government and gain an understanding of the BC Public Service. You will participate in a variety of projects including comprehensive assessments of program performance and information systems. While building strong business relationships and networks throughout the BC public sector, you will be part of a high performing team sharing your experience.

IT Auditor: it auditors are responsible for conducting audits of information systems including governance and management within the public sector, technology procurement, application development implementation, security practices data management.
Qualifications for this role include:
• Completion of a recognized accounting designation (CPA, CA; CPA, CMA; CPA, CGA); and/or
• Other relevant education, including MPA, MBA, CIA, CISA.
• Minimum of 1 year of current or recent audit and/or advisory experience (with preference given to internal or performance audit experience).
• Minimum of 1 year of current or recent experience reviewing IT governance processes and controls, including information systems, change management, system project management, information security and privacy, and computer operations.

To learn more, including how to apply online by February 13, 2018 please visit: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=47522

Posted on January 31th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Internal Audit Manager


Are you an accounting professional with internal audit experience? We’re looking for an audit manager to lead an internal audit team that provides risk-based internal assurance services to evaluate and contribute to the improvement of governance, risk management, and internal control processes. You’ll represent the Internal Audit department and provide project and assurance leadership and direction to staff, while planning and conducting complex assurance and risk advisory engagements.
This position is a temporary assignment of approximately one year — An opportunity to try a new role, move on after your assignment, or explore avenues to stay. If you’re interested in using innovation and evaluating alternatives and improvements for a dedicated audit team at our head office in Richmond, then we’d like to hear from you.

What you’ll do

As an internal audit manager you will:
 Plan and conduct risk based audits to evaluate the adequacy and effectiveness of risk management, control, and governance processes
 Lead and mentor the internal audit team
 Represent the department and interact with senior management
 Plan for future departmental requirements for skills, resources, and procedures, and create an environment that supports learning and renewal

Is this a good fit for you?

We’re looking for someone who can:
 Take initiative and use innovation, challenging current procedures and practices, and evaluating opportunities and improvements
 Provide mentorship and direction to staff while demonstrating ethical and professional behavior, objectivity, and an appreciation for differing perspectives
 Communicate clearly and succinctly in both oral and written form to all levels of the organization
 Understand client needs and ensure knowledgeable and timely service

Your background and experience:

 A professional accounting designation – CPA (CGA, CMA, CA)
 A minimum of 10 years of business experience that includes:
o at least five years of internal audit experience
o at least five years in a leadership role
 Other education and work experience will be considered, but should include:
o strong management, business analysis, and risk management expertise
o excellent written and verbal communication skills and outstanding interpersonal skills
 A CIA or CISA designation is mandatory
 Experience with IT audits is an asset

Who are we?

At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the 2.3 million workers and 231,000 registered employers in our province.

What’s it like to work at WorkSafeBC?

It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.

Our benefits

Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.
We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.

To apply

Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.

Application deadline: February 1, 2018

Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.

Posted on January 8th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Director Security and Privacy - BC Public Service - Ministry of Transportation and Infrastructure - Victoria - BC


You are a skilled security specialist seeking a challenging leadership opportunity Salary $86,000 - $112,000 annually

The Information Management Branch (IMB) provides information management and information technology (IM/IT) services to our clients at the Ministry of Transportation and Infrastructure and B.C. citizens. With the support from our service providers, the IMB develops and maintains a number of web-based line-of-business applications including drivebc.ca.
The Director, Security and Privacy manages the design, development and implementation of a ministry-wide information security & privacy framework. This is a leadership role that encompasses maintaining familiarity with the ministry’s technological infrastructure, future security architectural directions for government, enterprise applications, internal/external interfaces and sector business requirements; evaluating requests for security systems changes and enhancements, determining business feasibility, cost-effectiveness, resource requirements and impact on current and future systems; and advising senior management staff and the Chief Information Officer regarding the security of existing and potential corporate or ministry computer systems.

Qualifications for this role include:

• University degree or post-secondary diploma in Computer Sciences, Information Systems or a related discipline and minimum 5 years of experience at a senior level managing and leading a team focussed on IM/IT security; OR, an equivalent combination of education, training and 10 years of experience at a senior level managing and leading a team focussed on IM/IT security and privacy.
• 3 years’ experience leading an organizational unit and in developing and managing strategic and operational plans.
• 3 years’ experience in identifying, evaluating and managing risk from a business and technological standpoint.
• 3 years’ experience conducting security & privacy audits, security & privacy investigations, security and threat risk assessments (STRA) and privacy impact assessments (PIA).

To learn more, including how to apply online by January 23, 2018 please visit: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=46986
Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted.

Posted on January 8th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Internal Audit


Coast Capital Savings; together we help empower you to achieve what’s important in your life

What’s the job?

This job is for an auditor who has deep data analytics knowledge. Your primary role is to leverage these skills across multiple audits to drive efficiencies in our audit process and to increase our audit coverage through effective deployment of technology. You will also be expected to work with other audit team members to complete a range of corporate audits.

What you’ll get to do:

• Partner with management to strengthen the internal control environment and assist in identifying and assessing risks across the organization to help meet operational, financial, and compliance objectives.
• Assist with developing and implementing the audit data analytics program, including the deployment and use of relevant tools and the creation of processes to source, ingest and use data sets where relevant.
• Collect, analyze, and summarize data and trends utilizing computer assisted audit techniques (CAATs) and audit software tools.
• Assist with training and developing data analytics skills and capabilities within the team.
• Analyze and evaluate the system of internal controls through tests and examinations of accounting records, computer systems and transactions, including audits of new business areas and changing business processes.
• Work with the team to ensure audit work meets professional standards and provide coaching, training, and mentorship.
• Provide support and assistance to the external auditors, including but not limited to the completion of specified internal audits on which the external auditors rely, reviewing audit working papers prepared by management and completing the review and analysis of those working papers to the standards of the external auditors.
• Plan, organize and perform risk-based audits that are designed to add value and help improve CCS operations. Conduct special investigations where fraud or other improprieties are suspected.

Who are we looking for?

The Senior Internal Audit is someone who can lead teams and work collaboratively to evaluate our risk management and business processes and to determine appropriateness and effectiveness of our internal controls.

Key skills:

• You are proficient with the use of data and associated analytical software such as ACL and PowerBI
• 5+ years of senior audit / banking experience, and been hands-on, conducting a wide variety of audit engagements, including IT and Finance, from planning through to reporting. And your prior audit capability with a financial institution is an asset.
• You take pride that you survived and thrived in completing your degree and proudly hang that on your wall along with your professional designation(s) CISA, CIA, CPA, ACAMS or PMP.
• You believe in coaching employees to success, growing and training individuals and rewarding and recognizing employees.
• You have excellent communication skills and utilize a collaborative, modern internal audit approach in your written and interpersonal interactions.
• You are extremely proficient in applying auditing and analytical techniques and have an advanced understanding of internal controls.
• And of course, you can use Word, Excel and Outlook with ease.

Why join Coast Capital Savings?

We don’t mean to toot our own horn, but…
• We improve Canadians’ financial well-being through providing simple financial help.
• Employees do what’s best for our members. Every day.
• We believe in being a great corporate citizen so we invest in our local communities by donating our time, money and expertise.
• Our employees take advantage of the many opportunities to grow their careers.
• Employees love having a cool place to work, which includes wearing their jeans on Fridays & Saturdays and being recognized with a virtual (and, at times, an actual) high-five.
• Our inspiring leaders help our employees develop their talents and encourage them to be their fabulous selves.
• We have a unique culture where we take our business seriously, but ourselves, not so much.
• In 2017, we earned double kudos by being named one of BC’s Top Employers and one of Canada’s Best Managed Companies – two of the nation’s most coveted business awards, may we add.

Does this position inspire you? If so, apply on-line today at Coast Capital Savings.
{for postings not on our career site please include our website} https://www.coastcapitalsavings.com//Careers/

Posted on January 8th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Manager, Internal Audit


Coast Capital Savings; together we help empower you to achieve what’s important in your life

What’s the job?

As the Senior Manager, Internal Audit your primary responsibilities will be conducting corporate audits within our commercial lending division. This role is for a seasoned commercial lender who has experience working either in a front line (sales/underwriting) role or in supporting credit/adjudication function. This individual is looking for a change in his / her career and having come across this opportunity, found an appetite to apply those skills in an audit capacity. The successful candidate will be expected to play a support role on other corporate audits, including; lease financing, small business and retail lending. This is not a traditional auditor role. You will be working with a strong team of professional auditors eager to share their knowledge with you and to leverage your years of commercial lending experience.

What you’ll get to do:

• Partner with management to strengthen the internal control environment and assist in identifying and assessing risks to help meet operational, financial, and compliance objectives (while maintaining your independence)
• Analyze and evaluate the system of internal controls through tests and examinations of accounting records, computer systems and transactions, including audits of new business areas and changing business processes.
• Work with the team to ensure audit work meets professional standards and provide coaching, training, and mentorship to develop the skills of your peers.
• Provide support and assistance to the external auditors, including but not limited to the completion of specified internal audits on which the external auditors rely, reviewing audit working papers prepared by management and completing the review and analysis of those working papers to the standards of the external auditors.
• Plan, organize and perform risk-based audits that are designed to add value and help improve CCS operations. Conduct special investigations where fraud or other improprieties are suspected.

Who are we looking for?

The Senior Manager Internal Audit is someone who can lead teams and work collaboratively to evaluate our risk management and business processes and to determine appropriateness and effectiveness of our internal controls. The ideal candidate will have experience working in an OSFI regulated environment.

Key skills:

• 10 + years of banking experience, at least five of which must be working in a commercial lending role.
• You take pride that you survived and thrived in completing your degree and proudly hang that on your wall along with one of the following professional designation(s) CA, CPA, MBA, CFA, FRM.
• You believe in coaching employees to success, growing and training individuals and rewarding and recognizing employees.
• You have excellent communication skills and utilize a collaborative, modern approach in your written and interpersonal interactions.

Why join Coast Capital Savings?

We don’t mean to toot our own horn, but…
• We improve Canadians’ financial well-being through providing simple financial help.
• Employees do what’s best for our members. Every day.
• We believe in being a great corporate citizen so we invest in our local communities by donating our time, money and expertise.
• Our employees take advantage of the many opportunities to grow their careers.
• Employees love having a cool place to work, which includes wearing their jeans on Fridays & Saturdays and being recognized with a virtual (and, at times, an actual) high-five.
• Our inspiring leaders help our employees develop their talents and encourage them to be their fabulous selves.
• We have a unique culture where we take our business seriously, but ourselves, not so much.
• In 2017, we earned double kudos by being named one of BC’s Top Employers and one of Canada’s Best Managed Companies – two of the nation’s most coveted business awards, may we add.

Does this position inspire you? If so, apply on-line today at Coast Capital Savings. {for postings not on our career site please include our website} https://www.coastcapitalsavings.com//Careers/

Posted on January 8th, 2018

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

GRC Specialist- Vancouver - BC


We are looking for a Governance, Risk & Compliance (GRC) Specialist to support our GRC & Privacy team. Visier is a fast moving and creative company for dedicated individuals who can thrive in our environment.

Visier has enterprise level clients such as P&G, Comerica, Genentech and Experian, who rely on us for business intelligence solutions to accelerate the success of their businesses. The successful candidate will support our team’s functions and processes to assist Visier in protecting our customers’ data and comply with relevant laws, regulations, and controls.

Essential Duties and Responsibilities
● Assist in the audit (ITGC, SOC2) process including conducting interviews with internal technical team members, observing operations, reviewing transactions and documents, and completing documentation in working papers and audit reports
● Conduct follow up and monitoring of the audit process to ensure corrective actions are completed
● Assist in the development of risk management controls and systems, development of policies and procedures, and privacy reviews and assessments
● Provide sales support by presenting GRC and privacy practices and controls, including responding to information security and privacy questionnaires and requests from prospects.
● Assist in privacy reviews, processes, and documentation
● Conduct research of GRC, privacy, and information security issues to help the team remain up to date on current practices

Qualifications and Core Competencies

Qualifications
● Minimum 4+ years of experience in audit, risk management, privacy and/or compliance practices, principles, procedures, and techniques
● Familiarity with information assurance standards and frameworks such as ISO 27001, CoBIT, NIST, and COSO would be an asset
● Relevant education and certifications in audit, information security and/or privacy
● Prior experience in auditing technical controls and environments (for e.g: datacenters, AWS)

Competencies
● Excellent written and verbal communication skills
● Ability to prioritize in a fast-paced environment
● Ability to take instruction and guidance
● Excellent interpersonal relationship building skills
● Organized with strong attention to detail

To learn more about the position and how to apply, please review the following link: https://www.visier.com/careers/grc-specialist-vancouver-canada/

Posted on December 13th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Internal Auditor/Analyst, Enterprise Risk Management- Vancouver - BC


We are seeking an experienced auditor/analyst to join our Internal Audit Team (IA) in Greater Vancouver. The successful candidate will be responsible for prioritising, planning, scoping and carrying out a number of assurance and consulting engagements within a global investment management firm.
The successful candidate will be joining a team of IA professionals who have a two-fold focus: 1) providing assurance and transparency over business risks to board members, and 2) working with business units to enhance process effectiveness and efficiency. The individual will also be expected to work closely with the Risk and Compliance teams in the effective execution of the firm’s Enterprise Risk Management program. While occasional travel is expected in order to complete global IA engagements, the team utilizes progressive communication technologies to conduct its reviews

KEY AREAS OF RESPONSIBILITY

Leading and performing audits for the firm’s control commitments and consulting projects
Owning all activities in the audit lifecycle - including prioritising audit coverage, scoping and planning integrated audit engagements, carrying out detailed reviews, finalising reporting, sharing findings with management and chasing management responses/tracking exceptions through to closure
Documenting and analysing investment management processes – identifying risks and areas for improvement, developing pragmatic solutions and recommending control improvements.
Providing proactive advisory services in a developmental audit capacity
Participating in projects focused on mitigating specific risk exposures/control weaknesses
Develop, build and implement tools to analyse data to improve audit efficiency and effectiveness.
Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.
Assisting in promoting risk awareness throughout the Group
Contributing to the development of appropriate Risk and Audit methodologies for the Group

The Company
Founded in 1989, Orbis has been investing globally for over 25 years. Simply put, our purpose is to make a difference to our clients and we believe that the best way to do so is through our fundamental, long-term and contrarian investment philosophy. We recognise that without our clients’ trust and confidence, our firm cannot – and should not – survive.
Headquartered in Bermuda, Orbis manages over $30 billion in assets on behalf of its clients, and is comprised of more than 400 professionals located in London, Bermuda, Vancouver, Sydney, San Francisco, Hong Kong, Tokyo and Luxembourg.

What We Offer
At Orbis, we provide a flat organisational structure with exceptional opportunity for growth. We expect individuals to work hard, but also to genuinely enjoy their time at Orbis and the people they work with. We seek to attract talented individuals who have demonstrated the ability to excel in a challenging environment; the remuneration package will reflect this and will be heavily influenced by performance.

Instructions for Application
Please email your cover letter, resume and transcripts (all post-secondary; unofficial copies are accepted) to vancouver.recruitment@orbis.com.
For more information on Orbis, please visit our website at www.orbis.com.

KEY ATTRIBUTES/COMPETENCIES

Typical attributes/competencies of individuals who will be well-suited to this role and our organization include the following:

Strong analytical, investigative and probing skills
Comfortable working in a pressured environment, with steep learning curves
Excellent people skills and emotional intelligence
Ability to communicate and interact effectively with staff at all organisational levels
Ability to persuade or inspire others to gain acceptance of good ideas
Outstanding report writing skills
Excellent presentation skills
Attention to detail
Passionate, proactive and driven
Ability to work without close supervision
Resilient
Organised and deadline driven

QUALIFICATION/ EXPERIENCE

The successful candidate will have a first-class academic record and a relevant professional designation (CPA, CA, CIA, CISA or equivalent). A proven track record in audit is also required – either working as an Internal Auditor or as part of an External Audit team/ completing articles. Knowledge of IT, the securities industry and/or market practices would be an asset.

NOTES:

Additional Salary Information: At Orbis, we provide a flat organisational structure with exceptional opportunity for growth. We expect individuals to work hard, but also to genuinely enjoy their time at Orbis and the people they work with. We seek to attract talented individuals who have demonstrated the ability to excel in a challenging environment; the remuneration package will reflect this and will be heavily influenced by performance. Relocation expenses are negotiable.

Posted on November 22th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior IT Auditor - BC Public Service - Ministry of Finance - Victoria - BC
Bring your critical thinking skills to this important leadership role Salary $72,000.00 - $100,000.00 annually


The Ministry of Finance's Internal Audit and Advisory Services (IAAS) supports Treasury Board by providing independent and objective assurance and advice to support governance, accountability, performance management practices and effective financial management.
As a Senior IT Auditor within IAAS you will be reviewing, testing and analysing government’s IT infrastructure; assessing IT strategies, policies and procedures; evaluating the effectiveness of IT security controls and information systems in supporting business processes; and reviewing the effectiveness of disaster recovery and business continuity plans. As required, you will supervise and provide direction to audit staff throughout the projects ensuring their work is timely and competently performed.
Qualifications for this role include:
• Completion of a recognized accounting designation (CPA, CA; CPA, CMA; CPA, CGA); and/or
• Other relevant education, including MPA, MBA, CIA, CISA.
• Minimum of 3 years of current or recent audit and/or advisory experience (with preference given to internal or performance audit experience).
• Minimum of 2 years of current or recent experience reviewing IT governance processes and controls, including information systems, change management, systems project management, information security and privacy, and computer operations.
• Experience in applying generally accepted IT control frameworks (e.g. COBIT, ITIL and ISO) in an audit context.

To learn more, including how to apply online by November 15, 2017 please visit: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=45209

Posted on October 30th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

CyberSecurity Specialist - Vancouver


Do you have cybersecurity experience that will help us keep our information systems secure? We’re looking for a security professional with in-depth ability and proven knowledge in proactive cyber threat detection and mitigation.
In this role, you’ll ensure the security, stability, and availability of our perimeter security infrastructure for our organization’s business applications. You’ll be a technical consultant to project teams, an evaluator of new methodologies and procedures, and an implementer of new requirements and enhancements.
Working on our IT team is a unique opportunity to do work that matters. We provide a highlycollaborative environment where employees can develop their skills working on challenging projects that help make a difference to the workers and employers of B.C.

What you’ll do

As a cybersecurity specialist II you will:  Administer the operation, support, and maintenance of our network and perimeter security systems – including installing, configuring, maintaining, supporting, documenting, and optimizing
 Support the network and perimeter security infrastructure with
o Check-Point firewall and endpoint security
o security analytics
o remote access technologies
o malware and anti-virus technologies
o security vulnerability management
o security patch compliance management
o intrusion prevention and detection technologies
 Participate in the design of the network and perimeter security technologies for both on premise and cloud environments
 Ensure that the network and perimeter security systems are able to satisfy current and projected business requirements

Is this a good fit for you?

We’re looking for someone who can:
 Anticipate, organize, and prioritize work to meet both short and long term goals
 Provide feedback for product or team improvements
 Contribute to a positive work environment by adapting and adjusting to changes
 Use critical thinking to work through complex problems to formulate practical solutions Your background and experience:
 A bachelor’s degree in computer science or a STEM (science, technology, engineering, math) field
 A minimum of five years of experience in progressively complex roles within an IT environment, with primary focus of the last four years in cybersecurity
 An IT security-related certification, such as CISSP, CISM, or SSCP, is preferred
 An equivalent combination of education and experience will be considered

Who are we?

At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers

Posted on October 23th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Information Systems Security Analyst - Vancouver


Are you a self-motivated and tech-savvy individual who is up-to-date on the latest information system security threats and risk mitigation strategies in the modern workplace? Does an innovative, dynamic and collaborative organization committed to providing outstanding results excite you? If this sounds like you, this may be your next perfect opportunity!
The College of Registered Nurses of British Columbia (CRNBC) is seeking an Information Systems Security Analyst to join our Information & Finance team. This is a regular, full-time employee position.

Who we are

CRNBC is the regulatory body for close to 40,000 registered nurses, nurse practitioners and licensed graduate nurses in British Columbia. Our purpose is to protect the public by effectively regulating registered nurses and nurse practitioners.
At CRNBC, we believe in integrity, excellence, and accountability. As a member of the team, you can expect to be treated in a respectful and professional manner. While your workload will be busy, the College supports staff in achieving a healthy work-life balance.

What you will be doing

The Information Systems Security Analyst assesses risk, and recommends, designs, implements, and administers security controls. The position ensures security considerations are integrated into all new systems, features and changes, as well as information exchanges with third-parties, or any other location CRNBC data resides. The Information Systems Security Analyst also ensures that ongoing vulnerability assessments are conducted to ensure that existing systems continue to be updated to respond to new threats. This role acts as the first contact for security related concerns and provides helpdesk and administration support, particularly as it relates to information security tasks. The role also provides support to other colleges that are part of an IT consortium administered by CRNBC.

Responsibilities include:

• In consultation with the Chief Officer, IF and the Information Management Team Lead, as well as security consultants, maintains an information system security risk register and recommends, designs and implements security controls;
• Ensures security considerations are integrated into all system planning, development and maintenance processes;
• Provides input on information security related policies and supports training staff on information security related matters;
• Administers information security systems and controls; which may include activities such as:
o Managing virtual network segmentation, including analyzing network traffic and determining firewall rulesets to provide to hosting providers;
o Performing regular vulnerability scans on virtual Windows servers using Nessus or similar tool;
o Monitoring for vulnerability alerts, patches and updates from vendors for all system components, including code libraries;
o Configuring all system components to use secure settings through methods such as Windows Group Policy;
o Updating and patching Windows infrastructure components, Windows desktop applications, and plug-ins;
o Configuring operating system and application-level access permissions, such as Active Directory security groups;
o Set-up processes to monitor security logs and generate alerts from various system components;
o Investigating security alerts and incidents, including assisting users reporting suspected incidents, and taking actions to contain detected threat activity and minimize damage;
• Advises on emerging information security threats and vulnerabilities, as well as evolving industry standards and best practices;
• Documents security processes and systems at a technical level;
• Provides end-user support (including general non-security IT support) when required;
• Fosters and maintains an organizational culture that promotes mutual respect, teamwork and service excellence.

Your education and skills:

• Bachelor’s degree in Computer Science or equivalent combination of education and experience.
• Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or similar certification.
• 3-5 years’ experience in security management and risk identification and mitigation.
• Working knowledge of industry security standards such as ISO27001/ISO27002, and NIST.
• Demonstrated system administration knowledge for Microsoft infrastructure components (operating system, Dynamics CRM, SharePoint, SQL Server, IIS) and applications, as well as for Citrix or other virtual desktop environments.
• Understanding and identification of current threats and trends in information security.
• Technical understanding of firewalls, network protocols, and encryption protocols.
• Knowledge of network scanning and monitoring tools such as Nessus.
• Windows security certifications.
• Strong troubleshooting and problem solving skills.
• Demonstrated organizational skills and attention to detail.
• Ability to plan, prioritize and manage workload within a time sensitive environment.
• Excellent oral, written and interpersonal communication skills. Ability to work collaboratively with team and other stakeholders.
• Ability to work outside of regular work hours, on occasion, to ensure the smooth functioning of CRNBC related systems.

Compensation and benefits

The successful candidate will enjoy a generous compensation and benefits package.

How to apply

Please forward your resume and cover letter, indicating where you learned of this opportunity, to careers@crnbc.ca. The closing date for applications is November 8, 2017.
To learn more about our organization, please visit www.crnbc.ca. Thank you for your interest in the College of Registered Nurses of British Columbia.
While we appreciate all responses, only shortlisted applicants will be contacted.

Posted on October 23th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior IT Internal Auditor - Vancouver - Point Grey Campus - Canada


Job Summary

Internal Audit's mandate is to provide consulting services and independent and objective assurance of UBC's operations by evaluating and improving the effectiveness of UBC's risk management, control, and governance processes, and by preventing and investigating improper financial activity.
This position plays a key role in enhancing the University's accountability mechanisms in support of the University's strategic objectives, by evaluating IT systems and related risks and controls.
The Senior IT Internal Auditor adds value and improves the University's operations by developing data analysis strategies to enhance and streamline audits and ongoing monitoring activities. This position delivers audit reports summarizing findings and recommendations to assist senior management and the Board in achieving the University's overall strategic objectives.

Organizational Status

The Senior IT Internal Auditor interacts directly with senior stakeholders such as department heads and directors, as well as supervisory and other staff. Since assignments frequently involve access to confidential information, this position must use tact in obtaining and safeguarding information and professional judgment in maintaining confidentiality.
Reports to the Senior IT Audit Manager and works in collaboration with Senior Audit Managers.

Work Performed

- Participates with the Senior IT Audit Manager, Associate Director and Director in developing the annual IT Audit Plan, in alignment with the University's strategic objectives. This includes consideration of the University's risk universe: major enterprise risks, risk tolerance, current controls and planned mitigation strategies.
- Assists the Senior IT Audit Manager in developing risk-based audit programs including:
o Planning the scope, objectives, and detailed audit procedures of specific IT audits and reviews.
o Obtaining evidence and evaluating the efficiency and effectiveness of systems and operations, using root cause analysis.
o Assessing the impact of University financial procedures and policies on specific IT controls.
o Preparing and documenting working papers and files to ensure high professional standards are followed to support objective audit findings.
- Performs IT audits independently or as a team member in a professional, independent and objective manner, and in accordance with the COSO frameworks and leading IT assurance frameworks.
- Writes concise, risk-focused audit reports detailing audit findings on risks, controls, efficiency and effectiveness, and makes pragmatic recommendations for improvement.
- Engages stakeholders, in a diplomatic and tactful manner, in discussions of audit findings and recommendations. Appraises the adequacy of management action plans to address the audit recommendations.
- Conducts special IT investigations as determined by the Director, Associate Director or Senior Audit Managers.
- Participates in various campus-wide strategic committees, such as ERP (Enterprise Resource Planning) systems.
- Develops and maintains Internal Audit's data analytics methodology, including:
o Writing complex programs and ad hoc queries, utilizing enterprise data, to fulfill audit data analysis requirements.
o Ensuring code is developed in a well-structured manner, functions as required, is validated and documented, and is easy to maintain and reuse.
o Ensuring audit team members are aware of the data analytics framework and its application and relevance to their audit projects.
o Conducting training sessions to audit team members on tools and data sources used to perform data analytics.
o Interacting with management to identify appropriate data sources and data elements required for analytics, applying professional skepticism when assessing data sources and validating the completeness and accuracy of data received.
o Analyzing data for financial compliance with University policies and procedures.
o Consulting with audit staff and University departments to develop continuous monitoring processes and procedures, and providing appropriate training and support.
- Provides IT technical support for Internal Audit staff's computing requirements.
- Understands and complies with Internal Audit and UBC Information Security standards, policies and procedures.
- Stays abreast of new trends and developments in IT and data analytics by leading and/or attending seminars, training sessions, and workshops.
- Acts as the liaison between Internal Audit and IT departments.
- Performs other related duties as required.

Supervision Received

Audit assignments are planned and approved by the Senior IT Audit Manager, Associate Director, and Director. Audit programs, working papers, files and reports are reviewed by the Senior IT Audit Manager. Work is reviewed but not checked in detail.
The Senior IT Internal Auditor is expected to collaborate with Senior Audit Managers to develop audit programs and to carry out the field work, with minimum supervision, including the drafting of audit reports.

Supervision Given

None.

Consequence of Error/Judgement

Internal Audit is a fast-paced environment, where competing priorities and tasks are frequent and dynamic. Work is often completed within tight deadlines, requiring the Senior IT Internal Auditor to perform with a high degree of accuracy and precision under pressure.
Errors or incorrect audit work could result in the failure to detect or prevent University financial errors, inefficiencies, inadequate internal controls, or frauds. As Internal Audit provides information directly to senior management and the Board, inaccurate audit information could result in errors in management decisions and University governance.
This role is exposed to and has access to information of a highly confidential and sensitive nature, and must be able to recognize the sensitivity of issues and constantly maintain the strictest confidentiality and discretion. Errors in judgment could have a serious impact on the Internal Audit's relationship and credibility with senior management, the Board, and UBC departments.

Qualifications

Undergraduate degree in a relevant discipline and Completion of an accredited Accounting program (CA, CGA or CMA). Degree in business, mathematics, computer science or management information systems preferred. CPA preferred.
CISA (Certified Information Systems Auditor), CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional) or CFE (Certified Fraud Examiner) designations are preferred. Completion of CISA exam required within one year. A minimum of 7 years of experience or the equivalent combination of education and experience. Experience working with individuals in senior roles and in complex environments preferred. - Audit experience including reviewing internal controls of different types of large and small business operations, writing audit reports and evaluating internal controls and efficiencies.
- Knowledge of COSO frameworks, COBIT5, CIS Critical Security Controls, and cybersecurity risk assessment methodologies such as NIST.
- Experience building and supporting continuous audit monitoring programs.
- Strong quantitative, analytical, data-intuition, and problem-solving skills, and proficiency in data analytics techniques. Strong knowledge and proficiency in extraction and analysis of data from a wide variety of systems, leveraging data analytic and data visualization tools. Advanced knowledge of one or more of the following: ACL, MS SQL, Oracle, Power BI, Tableau, Excel, Access, OBIEE.
- Excellent oral and written communication skills.
- Strong organizational, analytical, planning skills, and excellent attention to detail. Ability to bring a questioning attitude and constructive approach to problem solving.
- Ability to work under minimal supervision, exercising confidentiality, professionalism, initiative and tact.
- Ability to deal with sensitive and confidential issues using discretion and judgment, while maintaining independence and objectivity.
- Ability to work well with others and demonstrate respect, dignity, and integrity in interpersonal relationships.

Equity and diversity are essential to academic excellence. An open and diverse community fosters the inclusion of voices that have been underrepresented or discouraged. We encourage applications from members of groups that have been marginalized on any grounds enumerated under the B.C. Human Rights Code, including sex, sexual orientation, gender identity or expression, racialization, disability, political belief, religion, marital or family status, age, and/or status as a First Nation, Metis, Inuit, or Indigenous person.
All qualified candidates are encouraged to apply; however Canadians and permanent residents will be given priority.

For more information on this career opportunity please visit: here

Posted on October 20th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

IT Risk and Advisory Services Manager - Vancouver - British Columbia - Canada


Founded in 1998 in beautiful Vancouver, BC, lululemon’s products create transformational experiences for people to live happy, healthy, fun lives.
Manage and conduct IT audits throughout the company, including the management and training of internal audit staff on IT audit engagements. Develop the testing strategy for the IT portion of Sarbanes Oxley (SOX) reporting requirements. Identify control improvement opportunities, process inefficiencies, etc. and assist in formulating viable solutions. Requires a general knowledge of retail and strong understanding of IT general controls (for compliance with SOX, as per above), IT application controls, accounting controls and internal audit standards. Managing, planning, research, testing, analyzing and reporting are the primary functions performed in the position. Communication, managerial and leadership skills and the ability to adapt to changing circumstances are necessary. Act as a subject matter expert on all IT audit, compliance, and risk matters on behalf of Lululemon.

Other key responsibilities include

Manage and conduct audits in accordance with the departmental audit plan, ad-hoc business requests or Integrity Line phone calls. Such audits may test the adequacy of accounting, operational and technology controls across all global divisions and functions ensuring compliance with policies, procedures, standards and applicable regulations (e.g. Sarbanes-Oxley).
Plan, research, test, analyze and report audit work and results. Effectively communicate audit results and recommendations to various groups including the Audit Committee, senior management (CEO, CFO, CIO, EVP’s), and department leaders. Identify areas in which the company has opportunities to improve. Provide timely follow up on aligned action plans to ensure their implementation.
Develop and utilize data analytics to substantiate audit findings, as well as for developing continuous auditing programs.
Ensure that audits are completed on a timely basis, in accordance with departmental standards and annual plan.
Proactively identify profit improvement and cost reduction opportunities through audit procedures, reviewing management controls and operating efficiency ensuring that the company's assets are adequately protected. Particular emphasis should be placed on the use of IT automation and data analytics to achieve the above objectives.
Produce well drafted audit reports and present audit findings to management teams identifying opportunities to improve controls or operational processes. Assess their risk and impact and partner with the business stakeholder to align on effective management action plans. Final reports will be provided to the Audit Committee, senior management and the external auditors.
Will assist in formulating the annual audit plan and preparing quarterly Audit Committee reporting for the Board of Directors.
Maintain good communication lines with other areas of the company. Resolve conflicts and opinion differences in an effective and productive manner.
Ability to represent Internal Audit Services views/assessments while working with other company departments and senior leadership.
Obtain/Maintain professional certifications and enhance personal and professional skills by completing the necessary continuing education.
Mentor, coach and evaluate internal auditors within the Global Internal Audit Services (GIAS) team.

The finer print

Bachelor’s degree (preferably in MIS, Computer Science or Accounting with IS concentration) CISA, CIA, CISSP or other applicable professional certifications required and maintained 9-12 years of progressive auditing experience, with current experience with IT audits, as well as current experience in managing people.
Strong understanding and experience working with IT governance frameworks (i.e. COBIT, ISO, etc.) Extensive experience in cybersecurity operations or conducting cybersecurity audits and assessments Extensive experience in data analytics for audit purposes (i.e. using software such as ACL, Tableau or IDEA)
Excellent follow-through and drive for timely and quality results.
Strong organizational and communication skills.
Ability to work with minimal oversight and with ambiguity where analysis of situation requires evaluation of various factors. Ability to recognize challenges and make recommendations to overcome them.
Positive attitude and strong team player, excellent customer service.
Demonstrated ability to lead and manage through challenging projects and multiple priorities. Ability to build relationships and influence change.
Will travel (if required)
Will work extended hours (if required)

Our “must haves”

Proven work ethic with utmost integrity
Desire to excel and succeed
Actively live and breathe the lululemon culture and lifestyle
Self-awareness, with desire for constant self improvement (goal-oriented)
Entrepreneurial spirit, and an egoless nature
Self motivated, passionate, empathetic, approachable
Outgoing, energetic, upbeat and fun!

For more information on this career opportunity please visit: here

Posted on October 19th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

IT Security and Compliance Auditor


Our team based out of Vancouver, British Columbia is looking for an IT Security and Compliance Auditor, who will support our global information security and compliance practice in monitoring compliance with key IT system access controls required for Section 404 of the Sarbanes Oxley (SOX) Act. The information security and compliance team is a business enabler that understands the technical risks of the IT environment, translates that into tangible business risk, and arrives at a happy medium that allows the company to propel forward whilst remaining secure.

What a typical day in the life of an IT Security and Compliance Auditor looks like:

• initiate and coordinate periodic attestation / recertification campaigns for user access to a multitude of key corporate IT systems
• monitor for instances of non-compliance with key system access controls, such as access granted without proper approval, inappropriate access to sensitive system functions, lack of timely access revocation post termination, etc.
• conduct root cause analysis over non-compliance instances as described above, and work closely with the related IT or business function to develop remediation actions
• escalate incidents to the IT Compliance Manager, or other appropriate resource, as necessary
• perform or assist with other compliance or security audits as necessary, and report on audit results to the IT Compliance Manager, as well as other stakeholders
• undergo ongoing training and certification to maintain technical skills at the highest level

Here is the experience and knowledge that we would like you to bring with you:

• a college diploma in information security or computer technical support, or equivalent education and/or training and holds or be working towards a relevant certification, including widely recognized security or audit certifications such as SANS GIAC, CISSP, CISA or CISM, or more specific certifications such as the Certified Identity and Access Manager (CIAM) certification.
• previous experience in a similar systems auditor role, or an access administrator role
• experience working with or administering identity and access management systems, such as Sailpoint IdentityIQ, Oracle Identity Management, Okta, NetIQ, etc.
• experience with incident management, change management and service request processes which utilize an internal ticketing system
• working knowledge of security incident and event management systems
• previous experience in maintaining and troubleshooting day-to-day operational processes, such as report generation, data verification and data correlation
• experience working in an eCommerce environment, with exposure to mobile application platforms
• prior experience working in a highly-regulated environment would be an asset
• basic knowledge of systems and computer networks
o should have knowledge of OS environments such as Windows 7, Apple Mac, Linux and Windows Server 2008, etc.
o should be familiar with TCP/IP concepts, such as IP addressing schema, SMTP, HTTP, HTTPS, FTP, DNS, etc.
o understanding of and exposure to security tools such as firewalls, IDS/IPS, A/V, anti-spam, content management, server and network device hardening, etc. is a strong plus.
o ability to run tools such as nslookup, netstat, nmap, etc. is a strong plus
o ability to review and accurately interpret network logs is a strong plus

The Finer Print:

• you have a strong understanding of risk, particularly business risk in your DNA and bring that to the fore in all your work
• a solution provider to the core, you walk into problem situations and leave them with solutions
• detail oriented to a fault, you do not let an issue rest until you have gotten to the core of the matter
• you love to ask “why” until you get to the root cause of a problem, and feel even better when you can support your conclusions with strong, deeply analyzed data
• you are an adept multi-tasker who can juggle multiple projects and tasks simultaneously, and prioritize them accordingly
• you thrive in extremely fast paced environments, and revel in the opportunity to be constantly exposed to cutting edge technology
• the master communicator that you are, you are equally at ease explaining security vulnerabilities to information technology admin staff, as you are explaining business risk to end users
• ever the charmer, you can drive teams towards security and compliance goals with a smile
• you are a compulsive documenter, who loves whipping up design and procedural documents

For more details, please contact to Simon Chu at schu@lululemon.com

Posted on October 16th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 


Internal Audit Manager (2 positions) Salary range $ 77,886 - $97,358 annually - Vancouver, BC


Are you an accounting professional with internal audit experience? We’re looking for two audit managers to lead internal audit teams that provide risk-based internal assurance services to evaluate and contribute to the improvement of governance, risk management, and internal control processes.
You’ll represent the Internal Audit department and provide project and assurance leadership and direction to staff, while planning and conducting complex assurance and risk advisory engagements.
Consider joining a team who apply award-winning practices and strive to deliver innovative and leading internal audit services to their clients.

What you’ll do
As an internal audit manager you will:
 Plan and conduct risk based audits to evaluate the adequacy and effectiveness of risk management, control, and governance processes
 Lead and mentor the internal audit team
 Represent the department and interact with senior management
 Plan for future departmental requirements for skills, resources, and procedures, and create an environment that supports learning and renewal

Is this a good fit for you?
We’re looking for people who can:
 Take initiative and use innovation, challenging current procedures and practices, and evaluating opportunities and improvements
 Provide mentorship and direction to staff while demonstrating ethical and professional behavior, objectivity, and an appreciation for differing perspectives
 Communicate clearly and succinctly in both oral and written form to all levels of the organization
 Understand client needs and ensure knowledgeable and timely service

Your background and experience:
 A professional accounting designation – CPA (CGA, CMA, CA)
 A minimum of 10 years of business experience that includes:
o at least five years of internal audit experience
o at least five years in a leadership role
 Other education and work experience will be considered, but should include:
o strong management, business analysis, and risk management expertise
o excellent written and verbal communication skills and outstanding interpersonal skills
 A CIA or CISA designation is mandatory
 Experience with IT audits is an asset

Who are we?
At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the almost 2.3 million workers and 210,000 employers in our province.

What’s it like to work at WorkSafeBC?

It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.

Our benefits
Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.
We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.

To apply
Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.

Application deadline: November 2, 2017

Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.

Posted on October 6th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *