Senior Manager, IT Controls Monitoring & Testing

Company: CGL 
Department: IT
Employment Type: Regular Full-Time 
Work Model: Hybrid
Language: This role operates in English
Additional Information: This/these role(s) is/are currently vacant

The Opportunity:

We are a leading Canadian financial services co-operative committed to being a catalyst for a sustainable and resilient society and our team is essential to deliver on this strategy. That’s why we prioritize our people, to ensure we provide a strong culture and development opportunities which enables our team to thrive and to live our purpose. The best part is that you will work with people that care passionately about you, our clients, and our communities.

Our Information Technology team aspires to be a leader in applying technology to power business strategies. We connect concepts with solutions to create value and efficiencies for our clients, employees, and communities. Our success is driven by our skilled and diverse team who are passionate about excellence, innovation, and agility.

We are seeking an experienced leader to design, develop, implement, and manage an IT control monitoring and testing program. Reporting to the AVP, Security Governance, this role is crucial for maintaining the integrity, security, and compliance of our IT infrastructure. The candidate will offer expert opinions, leadership, and interact with stakeholders across various management levels. Ideal candidates should possess a background in technology, cybersecurity, risk management, controls assurance and testing, along with strong analytical and communication skills.

How you will create impact:

• Build and lead a team supporting program development and execution.
• Promote a collaborative and high-performance culture focused on continuous learning and professional development.
• Mentor and develop team members to align with organizational objectives.
• Conduct performance reviews and provide feedback.
• Encourage innovative thinking, problem-solving, and proactive risk management.
• Provide direction to the monitoring and testing team.
• Efficiently allocate resources for monitoring and testing initiatives.
• Adopt a recognized monitoring and testing framework.
• Establish policies and procedures for technology monitoring and testing.
• Define roles and responsibilities related to technology monitoring and testing.
• Identify and evaluate technology risks.
• Advise on control objectives and activities to mitigate risks.
• Support development and implementation of control monitoring tools and techniques.
• Design control testing plans and scripts.
• Oversee and manage monitoring and testing activities.
• Review and provide feedback on testing results.
• Communicate testing results to stakeholders.
• Work with stakeholders on remediation plans.
• Establish reporting mechanisms for monitoring and testing.
• Assist with the development, implementation, and setup of automated workflow tool(s).

How you will succeed:

• You build trusting relationships and provide feedback to enable the successful development of your team and colleagues.
• You foster innovation and continuous improvement with a focus on client experience.
• You facilitate the adoption of change and create a high-performance culture through alignment of your team’s work with organizational goals.
• You successfully convey messages and demonstrate openness to exploring alternative points of view.
• You use critical thinking to guide decision making

To join our team:

• Bachelor's degree in information technology, Cybersecurity, or related field.
• 15+ years of experience in IT Governance, Internal/External Audit (IT), IT Internal Control Compliance, Information security, governance & compliance (GRC).
• Preferred certifications include CISSP, CISM, CRISC, CISA, CIA, and/or CPA.
• Knowledge of IT principles, policies, and regulations.
• Familiarity with IT frameworks and standards (e.g., ISO 27001, NIST SP800-53, NIST CSF, COBIT 5, PCI DSS, CIS).
• Expertise in IT controls monitoring and testing frameworks, methodologies, and practices.
• Experience in developing and operating technology control monitoring and testing programs and leading security assurance programs.
• Proven ability to lead effective teams.
• Ability to oversee and direct IT controls testing.
• Ability to collaborate with control owners on deficiency remediation.
• Strong communication skills for technical and non-technical audiences.
• Excellent analytical and problem-solving abilities.
• Team-oriented work style.
• Project management skills to handle multiple priorities.
• Proficiency in English is essential to the main duties in this role, including servicing and communicating primarily with majority non-francophone clients, groups, teams. Drafting complex English documents and preparing daily reports for anglophone leaders. The essential non-French duties are not assignable to adjacent or other team members.

What you need to know:

• You will travel regularly. 
• You will be subject to a Background check as a condition of employment, in the event you are the successful candidate.

What’s in it for you?

• Training and development opportunities to grow your career.
• Flexible work options and paid time off to support your personal and family needs.
• A holistic approach to your well-being, with physical and mental health programs and a supportive workplace culture.
• Paid volunteer days to give back to your community.
• In addition to our competitive salary and incentive programs, eligible employees also benefit from a comprehensive total rewards package including group retirement savings plans, pension and benefits (e.g., health and wellness, dental, disability and life coverage), mental health support and an employee assistance program.