Senior Risk Consultant (IT/Cyber/Data & Model Governance)

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection. 

Job Description

Who is Allstate:
Allstate Insurance Company of Canada is a leading home and auto insurer focused on providing its customers prevention and protection products and services for every stage of life. The company is proud to have been named a Best Employer in Canada for nine consecutive years and prioritizes supporting employees and fostering an inclusive, welcoming corporate culture. Allstate is committed to making a positive difference in the communities in which it operates through partnerships with charitable organizations, employee giving and volunteerism. Serving Canadians since 1953, Allstate strives to provide reassurance with its "You’re in Good Hands®" promise.

Through our Employee Value Proposition, Opportunity, Flexibility, Community, Diversity and Family, we have worked hard to develop and nurture a culture where employees feel valued, experience personal growth, have career options and truly enjoy the work they do. 

Role Designation: Hybrid
 

Benefits to joining Allstate

• Flexible Work Arrangements
• Employee discounts (15% on auto and property insurance, plus many other products and services)
• Good Office program (receive up to 400$ back after purchasing office equipment)
• Student Loan Payment Matching Program for Government Student loans
• Comprehensive Retirement Savings Program with employer matched contributions
• Annual Wellness allowance to support employees with improving health and wellbeing
• Personal reflection day
• Tuition Reimbursement
• Working within the community and giving back!

Job description:

Our team is growing, and we are actively looking to hire a Senior Risk Consultant (IT/Cyber/Data & Model Governance) to embed risk management policies and standard across Allstate Canada Group.

This role will support the Director, Corporate Risk to continuously improve risk management frameworks and embed risk & return framework to decision making process, work with cross-functional teams to implement risk management and governance processes for IT, Cyber DR, Data & Model Governance, lead risk projects, and assist business stakeholders to proactively quantify and manage Allstate Canada Group risk to an acceptable level. The Senior Risk Consultant is regarded by the Business as a Subject Matter Expert in IT, Cyber Risk Management, Disaster Recovery, and Data & Model governance and is consulted by business partners on risk matters, influences and partners / collaborates with internal and external stakeholders.

Accountabilities:

• Develop and maintain strong partnership with business functions and provide expert support to help business stakeholders proactively identify, assess and monitor operational risk
• Perform operational risk assessments by leveraging data analytics and advise business stakeholders on risk mitigation strategies, and track them to completion.
• Lead or assist in oversight of IT risk management, Cyber governance framework and Disaster Recovery, Data & Model governance procedures to ensure effective risk controls and mitigation
• Support the development of operational key risk indicators (KRIs), setting quantitative and qualitative risk threshold limits for key projects and conducting scenario/trend analysis and KRI benchmarking.
• Provide support in enabling effective management of operational risk at all levels by training and coaching business partners on operational risk management best practices such as developing policies and guidelines.
• Ensure that operational risk management processes are aligned and integrated with ACG’ business processes.  Further, ensuring alignment with the Enterprise (USA parent company)
• Ensure operational risk requirements are implemented and monitored on a timely and comprehensive basis, ensuring compliance with regulatory (e.g. OSFI) risk management guidelines and internal risk appetite.
• Support & consult on business/IT/Cyber/DR/Data & Model initiatives and risk assessment, capturing any gaps, mitigation and closure / monitoring that require input and support by Corporate Risk Management
• Deliver governance requirements and in review self assessment relating to IT, Cyber, DR  AI, Data & Model risk Management etc.
• Deliver optimal operational risk management reporting with appropriate risk metrics
• Assist in tracking and reporting on risk events and work/consult with the respective business units to perform root cause analysis, identify mitigating actions and track the actions to closure.
• Ability to interact with different levels in the organization and to provide key messages to senior management

Qualifications:

• Education or equivalent working experience: Business or technology undergraduate degree, risk management designation
• Minimum 5 years’ experience in Risk Management or similar capacity with strong analytic ability
• In depth knowledge and practical implementation of Risk Frameworks such as COBIT are desired. Knowledge of risk management practices and oversight functions including three lines of defense
• Knowledge in Cyber security, Technology Risks, Model Risks, Third Party risk, Data Governance is an asset
• Knowledge of OSFI Guidelines – B-13, B-10, E-21, E-23
• Business knowledge relating to Insurance Industry and associated Regulatory requirements
• Critical thinking and problem-solving skills
• Strong written and oral communication skills
• Ability to influence others
• Attention to detail
• CRM or equivalent
• ITIL knowledge
• NIST knowledge

Bonus qualification:

• Knowledge of P&C Personal Lines
• Governance is an asset
• Experience leading projects is an asset
• GRC system
• Risk Reporting
• ServiceNow exposure or experience
• FRM nice to have
• CGEIT, CISA or CRISC preferred
• Issue Tracking
• Tableau/BI tool

Allstate Canada Group has policies and practices that provide workplace accommodations. If you require accommodation, please let us know and we will work with you to meet your needs.

Skills

COBIT, Critical Thinking, Cybersecurity Risk Management, Disaster Recovery (DR), Information Technology (IT) Risk Management, Information Technology Infrastructure Library (ITIL), Insurance Industry, Issue Tracking, IT Governance Risk and Compliance (GRC), NIST Cybersecurity Framework (CSF), Problem Solving, Property & Casualty Insurance, Risk Reporting, ServiceNow Platform, Tableau (Software)

Joining our team isn’t just a job — it’s an opportunity. One that takes your skills and pushes them to the next level. One that encourages you to challenge the status quo. And one where you can impact the future for the greater good.  

You’ll do all this in a flexible environment that embraces connection and belonging. And with the recognition of several inclusivity and diversity awards, we’ve proven that Allstate empowers everyone to lead, drive change and give back where they work and live. 

Good Hands. Greater Together.®