Analyst, IT Risk - RFA Bank of Canada
Toronto, Ontario, Canada
Full Time
1 week ago
Key skills
Risk ManagementCommunication
About this role
Analyst, IT Risk – RFA Bank of Canada
Date: March 6, 2026
Location: Toronto
Company: RFA Bank of Canada
Job Type: Permanent
Closing Date: March 20, 2027
About RFA
Founded in 1996, RFA (Realty Financial Advisors) is a leading Canadian-owned real estate firm. Through RFA Bank of Canada and RFA Mortgage Corporation, RFA offers mortgage brokers a complete range of Prime and Alternative mortgage solutions.
RFA Bank of Canada, a division of RFA (Realty Financial Advisors), is a federally regulated Schedule I Bank. Our goal is to be a long-term leader in the residential lending market by offering more than just competitive rates and compensation. At RFA Bank of Canada, we focus on delivering a unique value proposition in the Alternative mortgage space, committed to innovation and exceptional service to meet a diverse range of borrower needs.
The Opportunity
We’re looking to fill an Analyst, IT Risk position at RFA Bank of Canada!
The Information Technology (IT) Risk Analyst, Operational Risk is responsible for supporting the Senior Manager in ensuring that the Board and Senior Management have full insight into the technology and resilience components of the operational risk profile of the Bank. The IT Risk Analyst will assist the Senior Manager in mitigating risks arising from internal processes, people, systems and as/if applicable, external events. This is achieved through the establishment, maintenance and enhancement of the technology and resilience components of an operational risk management framework governing the Bank’s existing activities and processes as well as any prospective business or other changes.
Core Responsibilities
As the Analyst, IT Risk, you will:
Information Technology Risk Management:
• Participate in and independently challenge first-line IT risk and control assessments, including identification of material risks, control gaps, and residual risk.
• Assess whether the Bank’s IT risk management practices are designed and operating effectively in alignment with OSFI guidance and internal risk appetite.
• Provide oversight and effective challenge of the adequacy of IT resilience, availability, and recoverability capabilities.
• Review and assess the design and testing outcomes of disaster recovery and business continuity programs developed by the first line.
• Monitor and assess adherence to data governance frameworks, including data integrity, confidentiality, and availability controls.
• Evaluate whether critical business services and supporting systems are appropriately identified, classified, and prioritized for resilience planning.
• Provide independent oversight of the Bank’s Business Continuity Management (BCM), including testing results and remediation tracking.
• Review the results of IT control testing, audits, and assessments, and challenge the completeness and effectiveness of remediation actions.
Third-Party Vendor Management:
• Provide oversight of the Bank’s Third-Party Risk Management program.
• Review and challenge risk assessments, due diligence outcomes, and ongoing monitoring activities performed by the First Line of Defense.
Cybersecurity:
• Provide independent oversight and challenge the Bank’s cybersecurity risk management framework.
• Monitor cyber risk metrics, incidents, and emerging threats, and assess their impact on the Bank’s risk profile.
What You’ll Need to Succeed
• Bachelor's degree in Information Technology, Computer Science, or a related field.
• Minimum of 2 years of experience in IT risk management, cybersecurity, or a related role.
• Strong understanding of OSFI guidelines and regulatory requirements.
• Experience with risk assessment methodologies and tools.
• Good understanding of data management concepts; prior exposure to related initiatives.
• Proficient with Microsoft Office (Word, Excel, PowerPoint) including macros and data visualizations.
• Relevant certifications (e.g., CC) considered an asset.
What Sets You Apart
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Analytical skills and the ability to independently generate risk-based reporting for monitoring & oversight
• Willingness to learn new skills and expand knowledge base by demonstrating initiative through taking on new tasks
• Ability to prioritize, balance conflicting tasks, and manage internal and external stakeholders
• All-round abilities, and a demonstrated willingness and enthusiasm to be a team-player, and to embrace the challenge of working in a lean and fast-paced environment in a growing organization
Our Values and What We Offer at RFA
At RFA, we live by our core values. These values guide our daily actions and shape our work culture:
• Accountability: You take ownership of your work & its consequences. You always consider risk & make informed decisions.
• Selflessness: You share info & teach others. You’re able to put your ego aside & understand that the best idea wins.
• Inclusivity: You value differing viewpoints & experiences. You understand how this can drive growth & innovation.
• Innovation: You seek opportunity & embrace change. You see tech as a way to enhance productivity & drive profitability.
• Courage: You make tough decisions in our best interest. You see opportunity when faced with challenge or adversity.
• Impact: You value results & your contributions. You rise to the occasion and never settle for sub-par.
• Performance: You embody a competitive spirit, desire to win and strive for executional excellence.
Along with a strong work culture, RFA offers a comprehensive benefits package, including:
• Health & Dental Care
• Vision Care
• RRSP Match
• Health & Wellness Spend
• Vacation & Personal Days
• Hybrid working environment
Ready to take the next step?
If this opportunity excites you and aligns with your skills and aspirations, we’d love to hear about how you can contribute to our team at RFA.
Accessibility
Accommodation is available upon request for applicants and employees with disabilities. If you are contacted for a job opportunity, please advise us of any accommodations needed to ensure you have access to a fair and equitable process. Any information received relating to accommodation will be addressed confidentially.
Date: March 6, 2026
Location: Toronto
Company: RFA Bank of Canada
Job Type: Permanent
Closing Date: March 20, 2027
About RFA
Founded in 1996, RFA (Realty Financial Advisors) is a leading Canadian-owned real estate firm. Through RFA Bank of Canada and RFA Mortgage Corporation, RFA offers mortgage brokers a complete range of Prime and Alternative mortgage solutions.
RFA Bank of Canada, a division of RFA (Realty Financial Advisors), is a federally regulated Schedule I Bank. Our goal is to be a long-term leader in the residential lending market by offering more than just competitive rates and compensation. At RFA Bank of Canada, we focus on delivering a unique value proposition in the Alternative mortgage space, committed to innovation and exceptional service to meet a diverse range of borrower needs.
The Opportunity
We’re looking to fill an Analyst, IT Risk position at RFA Bank of Canada!
The Information Technology (IT) Risk Analyst, Operational Risk is responsible for supporting the Senior Manager in ensuring that the Board and Senior Management have full insight into the technology and resilience components of the operational risk profile of the Bank. The IT Risk Analyst will assist the Senior Manager in mitigating risks arising from internal processes, people, systems and as/if applicable, external events. This is achieved through the establishment, maintenance and enhancement of the technology and resilience components of an operational risk management framework governing the Bank’s existing activities and processes as well as any prospective business or other changes.
Core Responsibilities
As the Analyst, IT Risk, you will:
Information Technology Risk Management:
• Participate in and independently challenge first-line IT risk and control assessments, including identification of material risks, control gaps, and residual risk.
• Assess whether the Bank’s IT risk management practices are designed and operating effectively in alignment with OSFI guidance and internal risk appetite.
• Provide oversight and effective challenge of the adequacy of IT resilience, availability, and recoverability capabilities.
• Review and assess the design and testing outcomes of disaster recovery and business continuity programs developed by the first line.
• Monitor and assess adherence to data governance frameworks, including data integrity, confidentiality, and availability controls.
• Evaluate whether critical business services and supporting systems are appropriately identified, classified, and prioritized for resilience planning.
• Provide independent oversight of the Bank’s Business Continuity Management (BCM), including testing results and remediation tracking.
• Review the results of IT control testing, audits, and assessments, and challenge the completeness and effectiveness of remediation actions.
Third-Party Vendor Management:
• Provide oversight of the Bank’s Third-Party Risk Management program.
• Review and challenge risk assessments, due diligence outcomes, and ongoing monitoring activities performed by the First Line of Defense.
Cybersecurity:
• Provide independent oversight and challenge the Bank’s cybersecurity risk management framework.
• Monitor cyber risk metrics, incidents, and emerging threats, and assess their impact on the Bank’s risk profile.
What You’ll Need to Succeed
• Bachelor's degree in Information Technology, Computer Science, or a related field.
• Minimum of 2 years of experience in IT risk management, cybersecurity, or a related role.
• Strong understanding of OSFI guidelines and regulatory requirements.
• Experience with risk assessment methodologies and tools.
• Good understanding of data management concepts; prior exposure to related initiatives.
• Proficient with Microsoft Office (Word, Excel, PowerPoint) including macros and data visualizations.
• Relevant certifications (e.g., CC) considered an asset.
What Sets You Apart
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Analytical skills and the ability to independently generate risk-based reporting for monitoring & oversight
• Willingness to learn new skills and expand knowledge base by demonstrating initiative through taking on new tasks
• Ability to prioritize, balance conflicting tasks, and manage internal and external stakeholders
• All-round abilities, and a demonstrated willingness and enthusiasm to be a team-player, and to embrace the challenge of working in a lean and fast-paced environment in a growing organization
Our Values and What We Offer at RFA
At RFA, we live by our core values. These values guide our daily actions and shape our work culture:
• Accountability: You take ownership of your work & its consequences. You always consider risk & make informed decisions.
• Selflessness: You share info & teach others. You’re able to put your ego aside & understand that the best idea wins.
• Inclusivity: You value differing viewpoints & experiences. You understand how this can drive growth & innovation.
• Innovation: You seek opportunity & embrace change. You see tech as a way to enhance productivity & drive profitability.
• Courage: You make tough decisions in our best interest. You see opportunity when faced with challenge or adversity.
• Impact: You value results & your contributions. You rise to the occasion and never settle for sub-par.
• Performance: You embody a competitive spirit, desire to win and strive for executional excellence.
Along with a strong work culture, RFA offers a comprehensive benefits package, including:
• Health & Dental Care
• Vision Care
• RRSP Match
• Health & Wellness Spend
• Vacation & Personal Days
• Hybrid working environment
Ready to take the next step?
If this opportunity excites you and aligns with your skills and aspirations, we’d love to hear about how you can contribute to our team at RFA.
Accessibility
Accommodation is available upon request for applicants and employees with disabilities. If you are contacted for a job opportunity, please advise us of any accommodations needed to ensure you have access to a fair and equitable process. Any information received relating to accommodation will be addressed confidentially.