Senior IT Build Analyst

Position:
Senior IT Build Analyst

Client: Private Sector, Banking Client
Location: Toronto (Hybrid)
Duration: 1 Year - Option to Extend

Kyndryl are seeking to address a high‑severity internal audit finding related to inadequate patch management governance. The Senior IT Build Analyst sits at the execution layer of the team — working hands‑on with 30+ patching teams to ensure all documentation, artifacts, and compliance evidence are produced, stored, and maintained to the client’s patching standard. This is a practitioner role — not advisory.

You’ll be in the weeds of document governance, KPI/KRI data collection, and audit evidence packaging, operating across multiple patching teams simultaneously. The environment is complex, fast‑moving, and directly tied to active audit remediation. Candidates who thrive in structured governance programmes with high stakeholder volume will succeed here.

• 5+ years of experience in IT governance, technology risk, infrastructure operations, or information security — banking or regulated FSI preferred
• Hands‑on experience with audit and regulatory review processes, including evidence preparation and management response documentation
• Working knowledge of KPI/KRI development, collection, and management reporting in a technology context
• Strong document management skills — proficiency with Confluence, SharePoint, and JIRA is required
• Solid understanding of cybersecurity control standards and patch management processes
• Excellent written communication — ability to produce clear, accurate governance documentation and audit narratives under time pressure
• Detail‑oriented with the ability to manage a high volume of documents and artifacts across multiple teams simultaneously
• Self‑directed and organized — able to manage workload independently without close supervision
• Information security certification an asset: CRISC, CISM, CISA, or CISSP

• Partner directly with patching teams to produce, review, and maintain all required standard control documents, procedures, and RACIs
• Collect, validate, and consolidate KPIs and KRIs from individual patching teams on a defined reporting cadence
• Review patching documentation for completeness and accuracy prior to storage and formal approval — flag gaps and drive resolution
• Maintain and organize all patching governance artifacts in Confluence, SharePoint, and reference data repositories
• Support preparation of evidence packages for internal audit and regulatory examinations — organized, traceable, and exam‑ready
• Assist in composing management responses, remediation activity documentation, and First Line control exception records
• Identify process improvement opportunities within the governance model and surface recommendations to senior team members
• Participate in Segment Reviews and RACI alignment sessions across patching teams
• Support knowledge transfer activities within the VRO to build institutional memory around audit and regulatory responses
• Coordinate with the Senior PM and Information Security Specialist on audit remediation milestones and evidence deadlines

Note :
This is for a contract position with one of our clients and not a full‑time employment role with Kyndryl Canada.