Division: Risk Governance and Compliance
Work Status: Full-Time
Location: Toronto, ON (Hybrid, 2-3 days in office)
About the Role:
This role has a broad mandate, supporting both the Head of Enterprise Risk Management and the Head of Cybersecurity and Technology Risk in the risk, governance and compliance function across the organization, with a particular focus on Technology and Cybersecurity.
In this role you will work with stakeholders to identify risks, assist in the development of policies and procedures to mitigate risk, assess compliance and report on findings.
You will help to maintain the Company's enterprise risk register and cybersecurity risk register and prepare quarterly reporting for the senior leadership team and the board of directors on significant risks.
You will fulfill a project challenge function on significant technology projects and work closely with the risk management team on ad hoc risk assessments and special projects.
You will contribute by:
- Identify, analyze and evaluate risks across operational, financial, technological, and cybersecurity domains. Conduct regular risk assessments to determine potential impact and likelihood. Work with risk owners to develop and implement risk mitigation strategies aligned with organizational objectives.
- Assess compliance with policies and standards within the organization and report on findings. Maintain dashboards and prepare ad hoc reports on findings.
- Establish and maintain risk management policies, standards and procedures and align risk management practices with recognized frameworks with a particular focus on technology risk.
- Work closely with the Head of Enterprise Risk and the Head of Cybersecurity and Technology Risk on the planning and preparation of materials for quarterly and ad hoc cybersecurity and technology risk meetings, quarterly enterprise risk meetings and quarterly board reporting.
Skills and experience you will bring:
- A university degree in a related field and 8-10 years relevant experience
- Extensive knowledge of enterprise risk management principles and frameworks, with a particular focus on technology risk (including COSO, CSF, ISO and NIST frameworks) and familiarity with regulatory requirements (GDPR, SOC2)
- Excellent collaboration and communication skills with the ability to build relationships across the organization
- Strong organizational skills with experience managing multiple projects, deadlines and priorities
- Strategic thinking and problem-solving skills
- Proven ability to successfully contribute to complex projects and teams, particularly focused on large scale IT projects
- Familiarity with governance, risk and compliance software and tools, and proficiency in Microsoft Office suite.
Application Deadline: March 18, 2026
