×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Director, Technology Risk and Compliance, Digital & Client Technology Solutions

Job in Toronto, Ontario, M5A, Canada
Listing for: Sun Life
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

Job Description

:

The Director, Technology Risk and Compliance will strategically develop, lead and oversee risk management and compliance programs for the Digital and Client Technology Solutions (DCTS) area, including:technology audits, business continuity, client assurance/privacy and application security compliance programs. This role will provide governance support and maintain a comprehensive risk management framework across Canada Technology's diverse portfolio.

What You Will Do?

Strategic Canadian Business Partnership

  • Anticipate and respond to emerging technology risks and Canadian regulatory changes affecting the organization

  • Collaborate with Canadian senior management on strategic decisions impacting technology risk management

  • Lead engagement with Canadian external stakeholders, regulators and industry bodies on complex compliance matters

  • Support and coordinate the response to client inquiries on technology security and privacy frameworks

    • Governance Framework & Reporting

  • Oversee comprehensive application security compliance programs spanning DCTS's multiple disciplines and business units to ensure the framework and standards are adhered to

  • Design, implement, and operate effective controls within the system to provide reasonable assurance that Sun Life Canada’s service commitments and system requirements are achieved

  • Ensure delivery of audit processes to the adequate satisfaction of internal and external stakeholders from a governance and reporting perspective

    • Canada Technology Program Management

  • Direct comprehensive reviews of identity, entitlement and privileged access management processes across all critical Canadian applications

  • Establish and manage strategic partnerships with Canadian business functions to enhance their access review capabilities and maturity

  • Lead the development of Canada-specific risk management policies, standards and best practices ensuring alignment with regulatory requirements and industry frameworks

    • Risk Management

  • Act as the Business Continuity (BC) Coordinator and work with DCTS leaders, Enterprise Services and Corporate BCP and compliance offices ensuring all BCobjectives are completed for the DCTS organization in a timely manner, including Disaster Recovery exercises.

  • Act as the Record Management Subject Matter Expert and focal point for the annual Records Management Inventory review, working with the DCTS leaders

  • Identify process-level risks, mitigation plans and communicate

  • Manage relationships with senior Canadian leadership, executive levels and external auditors regarding technology risk posture

    • Team Leadership & Development

  • Lead a team of 6-10 resources handling the day-to-day activities related to technology risk and compliance for DCTS

  • Ensure continual employee knowledge and skill growth through performance management process

  • Promotes constructive culture and employee engagement and drives for innovative thinking and solutions

    • What You Will Need to Succeed

  • 10 or more years of progressive experience in Information Security, Risk Management or related functions with significant management experience

  • Proven track record of leading complex, multi-disciplinary risk and compliance initiatives within large Canadian technology organizations

  • Client focused mindset - exceed the expectations of our internal and external customers.

  • Deep expertise in operational risk management frameworks and processes

  • Comprehensive knowledge of Canadian regulatory compliance requirements and industry standards (ISO 27001, NIST, SOC 2, etc.)

  • Exceptional communication and influencing skills with ability to present to Canadian executive leadership and external stakeholders

  • Strong business acumen with understanding of Canadian financial services industry and regulatory environment

  • Proven ability to build consensus and manage complex stakeholder relationships across Canada Technology

    • Assets

  • Advanced certifications: CISSP, CISA, CRISC or equivalententerprisesecurity certifications

  • Experience in Canadian financial services or highly regulated Canadian industries

  • Advanced degree in Information Security, Risk Management, Business Administration or related field

  • Experience with enterprise GRC (Governance, Risk and…

    • Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
    To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)

    Job Posting Language
    Employment Category
    Education (minimum level)
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary
    Advanced Search