
Manager, Technology Risk and Controls

Job in Toronto, Ontario, C6A, Canada
Listing for: Canada Life
Full Time position
Listed on 2026-06-27
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 124300 - 155300 CAD Yearly
Job Description & How to Apply Below

Permanent Full Time

We are seeking a Manager, Technology Risk & Controls, to lead governance, monitoring, and reporting across assigned Technology portfolios. This role focuses on developing actionable risk and security insights through structured risk profiling.

Reporting to the Director, this first line (1B) role acts as a trusted advisor, translating complex risk data into clear, actionable insights that inform senior leadership decisions, support business objectives, and strengthen the organization’s Information Security & Technology Risk (ISTR) posture.

Key Responsibilities
  • Own and deliver portfolio-level risk profiles by consolidating risk and security insights across assets, initiatives, and key domains, including Cyber/Information Security, Technology Operations, and Technology Delivery.
  • Develop and maintain standardized, executive-ready risk reporting, including KRIs/KPIs, thematic risk views, issue trends, policy exceptions, and control health indicators.
  • Drive end-to-end governance of portfolio risk reporting, ensuring data quality, integrity, and consistency across inputs from multiple stakeholders and process owners.
  • Partner with technology process owners, data owners, and delivery teams to ensure timely, accurate, and complete inputs into risk reporting.
  • Act as a central coordination point across Technology, ISTR, Audit, and second line of defense (2LOD) functions, ensuring alignment and a consistent risk narrative.
  • Engage with 2LOD oversight functions to incorporate independent challenge and regulatory expectations into reporting outputs.
  • Collaborate with SMEs across CIO and CISO organizations to align risk reporting with enterprise priorities and emerging risk themes.
  • Present portfolio risk posture, key themes, and emerging risks to senior leadership, demonstrating strong executive presence and influencing decision-making.
  • Provide effective review and challenge of risk inputs (e.g., issues, audit findings, control statements) to ensure accuracy and completeness in executive reporting.
  • Continuously enhance reporting capabilities through automation, visualization, and improved storytelling.
  • Promote a transparent, risk‑aware culture by improving visibility and understanding of technology and information security risks.
  • Assist with internal policy risk assessments to ensure compliance with standards and regulations.
  • Assist with internal, external and regulatory audit responses, including stakeholder engagement and evidence collection.

What You Will Bring
  • 8–10 years of experience in financial services or another regulated industry.
  • 8–10 years of progressive experience in technology risk, information security, regulatory compliance, or IT governance.
  • 3–5+ years of leadership experience (preferred).
  • Bachelor's degree in Computer Science, Information Systems, Engineering, or related field, or equivalent experience.
  • Strong understanding of technology risk, information security, Enterprise Risk Management framework, and regulatory requirements (e.g., OSFI, CIRO), as well as industry standards (COBIT, NIST, ISO, SOC 2).
  • Proven ability to analyze and translate risks in a business context.
  • Demonstrated continuous improvement mindset.
  • Excellent written and verbal communication skills.
  • Strong stakeholder management skills, with the ability to influence and build consensus.
  • Intellectual curiosity and commitment to ongoing learning in technology and risk governance.
  • Understanding of large enterprise operating models in regulated environments.
  • An understanding of Power BI and automation tools or platforms would be an asset.
  • Preferred certifications: CISA, CRISC, CISM, or CISSP.
  • Experience with GRC tools (e.g., ServiceNow IRM, MetricStream).

$124,300 - $155,300 annually. This represents base salary only and does not represent other variable compensation components of our total compensation (i.e., annual bonus, commission, etc.). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search…
