Manager, Technology & Data, Assurance and Advisory (A&A)

Company Description

Make an impact at a global and dynamic investment organization

When you join CPP Investments, you are joining one of the world’s most admired and respected institutional investors. As a professional investment management organization, CPP Investments invests the funds of the Canada Pension Plan (CPP) to help ensure its financial sustainability for generations of working and retired Canadians.

CPP Investments invests across regions and asset classes to build a globally diversified portfolio. It holds assets in public equity, private equity, real estate, infrastructure, and fixed income, and the CPP Fund is projected to reach $3.6 trillion in assets by 2050. The organization is headquartered in Toronto with offices in Hong Kong, London, Mumbai, New York City, San Francisco, São Paulo, and Sydney.

CPP Investments successfully attracts, selects, and retains talented individuals from top-tier institutions worldwide. Join our team for access to:

• Stimulating work in a fast-paced and intellectually challenging environment
• Accelerated exposure and responsibility
• Global career development opportunities
• Diverse and inspiring colleagues and approachable leaders
• A hybrid-flexible work environment with an emphasis on in-person collaboration
• A culture rooted in principles of integrity, partnership, and high performance
• An organization with an important social purpose that positively impacts lives

If you have a passion for performance, value a collegial and collaborative culture, and approach work with the highest integrity, invest your career here. 

Job Description

Our Assurance & Advisory (A&A) team plays a critical role in evaluating and enhancing CPP Investments' technology risk management, IT governance, cybersecurity, and data governance frameworks. We are seeking a Manager, Technology & Data, A&A to lead and execute high-impact technology audits and advisory engagements.

This role requires 7+ years of experience in IT auditing, technology risk management, or cybersecurity, with expertise in IT governance, data analytics, and emerging technology risks.

Role Overview

Reporting to a Director, A&A, the Manager, Technology & Data, A&A, will be responsible for leading and executing technology-focused audits, providing strategic insights on IT risk management, and ensuring compliance with industry standards and best practices. You will work closely with senior leadership, risk management, and compliance teams to enhance CPP Investments' technology governance and cybersecurity posture.

This role will provide execution, guidance, and training to the broader A&A team, ensuring comprehensive coverage of technology risks within the audit universe. All activities will be conducted in strict adherence to the International Standards for the Professional Practice of Internal Auditing, as well as accepted industry practices and other commonly recognized frameworks that exceed the profession’s mandatory requirements.

Key Responsibilities

1. Technology, Data Risk & Audit Execution

• Lead and participate in technology audits, evaluating the design and effectiveness of controls related to:
  • Technology infrastructure (networks, servers, databases).
  • Enterprise applications and systems.
  • Cybersecurity frameworks and controls.
  • Cloud services (Azure).
  • Identity Access Management (IAM) and data security.
  • ITGCs, Interface and application controls.
• Develop and implement audit approaches and coverage strategies to ensure comprehensive risk assessment.
• Provide assurance over key risk management strategies, ensuring alignment with industry best practices.
• Provide coaching and guidance to junior auditors ensuring timeliness and quality of deliverables.
• Perform continual assessment of emerging risks, suggesting adjustments to audit plans accordingly.
• Ensure audit work is conducted in accordance with industry standards (e.g., ISACA, IIA, NIST, ISO 27001, COBIT).
• Document audit findings and recommendations in a clear, concise, and actionable manner for senior leadership.

2. Strategic Advisory & Stakeholder Collaboration

• Work closely with Technology & Data leadership, Enterprise Risk, and Compliance teams to align audit activities with business objectives.
• Act as a trusted advisor to business units, offering insights on best practices for IT governance, risk, and compliance.
• Influence strategic decisions by providing data-driven insights on IT risk management.
• Foster strong relationships with business partners and other stakeholders to enhance risk awareness and control effectiveness.

3. Innovation & Continuous Improvement

• Leverage data analytics and automation to enhance audit efficiency and effectiveness.
• Stay updated on emerging technologies, cybersecurity threats, and regulatory changes to ensure audit methodologies remain relevant.
• Analyze complex IT systems to identify areas for improvement and recommend effective solutions.
• Communicate complex technical risks in a business-friendly manner to senior leadership.

Qualifications

Education & Certifications

• Bachelor’s degree in Computer Science, Information Systems, Business, Accounting, or a related field.
• Professional certifications (at least one required): CISA, CISSP, CRISC, CISM, CGEIT, CIA
• Knowledge of IT governance frameworks (COBIT, NIST, ISO 27001) is essential.

Professional Experience

• 7+ years of experience in IT auditing, internal audit, technology risk management, or cybersecurity assessments.
• Strong understanding of IT general controls (ITGCs), application controls, cloud security, and data governance.
• Experience with audit methodologies, risk management practices, and regulatory compliance in financial services or investment management.
• Proven ability to write succinct audit findings/reports that provide meaningful insights to senior leadership.
• Strong organizational/project management skills, the ability to manage end to end audits and achieve multiple deadlines, both internal and external.

Key Competencies

• Critical Thinking & Attention to Detail: Ability to identify risks and assess control effectiveness with a keen eye for detail.
• Communications & Simplification: Superior communication skills (written and oral) with the ability to take concepts or risks or technical control gaps and present them simply, concisely and effectively.
• Collaboration & Influence: Strong interpersonal skills to work effectively with cross-functional teams.
• Adaptability & Innovation: Willingness to embrace change and leverage new technologies to enhance audit processes.
• Integrity & Accountability: Commitment to ethical auditing practices and professional standards.

Additional Information

Visit our LinkedIn Career Page or Follow us on LinkedIn. #LI-PM1 #LI-Onsite

At CPP Investments, we are committed to diversity and equitable access to employment opportunities based on ability.

We thank all applicants for their interest but will only contact candidates selected to advance in the hiring process. 

Our Commitment to Inclusion and Diversity:

In addition to being dedicated to building a workforce that reflects diverse talent, we are committed to fostering an inclusive and accessible experience. If you require an accommodation for any part of the recruitment process (including alternate formats of materials, accessible meeting rooms, etc.), please let us know and we will work with you to meet your needs.

Disclaimer:

CPP Investments does not accept resumes from employment placement agencies, head-hunters or recruitment suppliers that are not in a formal contractual arrangement with us. Our recruitment supplier arrangements are restricted to specific hiring needs and do not include this or other web-site job postings. Any resume or other information received from a supplier not approved by CPP Investments to provide resumes to this posting or web-site will be considered unsolicited and will not be considered.  CPP Investments will not pay any referral, placement or other fee for the supply of such unsolicited resumes or information.