Manager Technology Risk Management

 

Permanent Full Time 

-

 

 

 

Manager, Global Technology Risk Management (Methodology and Oversight)

 

This is an exciting time to join Global Technology Risk Management team, which is accountable for the design, execution, embedding and continuous improvement of the Corporation’s   Technology Risk Management (TRM) Framework across the enterprise. In this role, the Manager, Technology Risk Management will manage the development, execution, and ongoing oversight of the end-to-end global TRM programs.  

 

The successful candidate will have opportunities to develop their career and leave their footprint in a respected, global corporation. This role joins a high performing team that is excelling in embedding and deepening effective technology and operational risk management across the enterprise.

 

MANDATE:

In this role, the Manager Technology Risk Management will support development and execution of end-to-end, global technology risk management programs, with focus on strategy, methodology, data analytics, reporting and oversight activities.

 

Working closely with the Director, Global Technology Risk Management, the Manager will maintain and continuously improve a comprehensive global TRM Framework, providing independent oversight, challenging, and influencing senior executives and employing deep subject matter expertise across a broad range of technology focus areas. 

 

KEY ACCOUNTABILITIES

 

1.  Identify, develop, and implement future-oriented Technology Risk Management framework, programs, capabilities, oversight practices and processes that will optimize the identification, assessment, management, monitoring and reporting of Technology risks
   1. Provide extensive subject matter expertise in technology risk management key areas such as information security, technology operations and technology delivery.
   2. Develop and maintain the global TRM framework, methodology, tools, governance structures and policies ensuring alignment with industry best practices.
   3. Drive consistency, quality, and continuous improvement in the implementation of the TRM framework across the enterprise through close collaboration with the regional technology risk management functions.
   4. Conduct research and analysis on industry risk frameworks and standards, such as NIST, COBIT, ISO or FAIR, to identify the most effective strategies and techniques for managing technology risks.
   5. Provide technical expertise to both develop and challenge metrics for measuring technology and cybersecurity related risks.
   6. Provide expertise around current and emerging technology risk topics and serve as an advocate for these issues within the organization.
   7. Supports development and execution of strategic initiatives in collaboration with internal and external stakeholders.
   8. Evaluate the effectiveness of risk mitigation strategies and make recommendations for improvement.
   9. Facilitate the development and maintenance of the technology risk appetite and associated limits.
   10. Identify potential risk scenarios for technology-related risks, such as data breaches, cyber-attacks, or system failures.
   11. Maintain and manage risk-related documentation and ensure compliance with applicable regulations and policies related to technology risk governance.
2. Lead the enterprise technology Risk Management reporting process to ensure timely monitoring and reporting of technology risks to senior management and regulators.
   1. Build, implement and manage methodologies, metrics, and processes to consolidate, interpret and report technology risk within the risk appetite to regulators and senior management team.
   2. Good understanding of the FAIR (Factor Analysis of Information Risk) framework and is knowledgeable in mathematical and analytical analysis.
   3. Provide oversight and challenge of technology and cybersecurity risk measurement metrics.
   4. Manage the development and maintenance of technology risk profiles and risk dashboards aligned with enterprise and operational risk reporting; and identify and report on Key Risk Indicators and supporting metrics to support technology risk reporting.
   5. Establish and manage the technology risk data collection, monitoring and reporting processes, ensuring that the procedures are clear and easily executable.
   6. Design, implement and maintain standard TRM reporting templates in alignment with Operational Risk management requirements
   7. Serve as the main point of contact for the regional Second Line of Defence partners related to technology risk reporting.

 

1. Promote sound technology risk management practices across the organization
   1. As a catalyst for change, guide the integration of technology risk management practices and culture throughout the enterprise.
   2. Provide training on the technology risk management framework, standards, methodologies, and guidelines to ensure that all stakeholders are aware of their roles and responsibilities in managing technology risks.
   3. Provide objective and independent risk expert advice and counsel, partnering with Technology, Information Security, Audit, Legal, Compliance and Operational Risk Management functions at both regional and global levels.

Qualifications:

• A bachelor's or master's degree in a relevant field, such as computer science, information technology, or risk management.
• At least 10 years of progressive experience in technology risk management in large, complex Financial Services and/or Insurance companies including broad knowledge of their various lines of business.
• Experience in leading the development and implementation of TRM frameworks, policies, related processes, and controls in a second line of defense role.
• Strong analytical skills, with foundation knowledge of statistics.
• Conceptualization, presentation, and communication and relationship building skills coupled with understanding of people change management principles to effectively execute change.
• Deep understanding and extensive knowledge of Information Security and Cybersecurity, Technology Delivery, and Technology Operations.
• Professional designation such as CRISC, CISSP, CCSP, CISM or CGEIT is required.
• Sound knowledge of technology control and risk frameworks, such as NIST CSF, ISO, COBIT 2019, ITIL, COSO, etc. is required.
• Experience working with regulators, and strong knowledge of current and emerging global technology risk regulatory requirements.
• Experience with implementing and maintaining automated risk management tools (e.g., Governance, Risk and Compliance solution)
• Excellent team building skills, both as a leader and as a team player.
• Sound judgment, excellent analytical skills, and strong logic and data integration skills.

 

If you are interested in this exciting opportunity, please submit your application with your resume and cover letter. We thank all applicants for their interest, but only those selected for an interview will be contacted.

-

The base salary for this position is between  $89,100 - $162,700 annually.  This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc).  If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

 

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

 

Be your best at Canada Life- Apply today!

 

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

 

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

 

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.

 

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. 

 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

 

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.

 

#LI-Hybrid