Cyber Risk Management Lead

4 weeks ago

Old Toronto, Ontario, Canada CPP Investments Full time
Cyber Risk Management Lead, Information & Corporate Security
  • Contract
  • Function: Information Technology

Make a significant impact at a leading global investment organization

At CPP Investments, you become part of one of the most esteemed and rapidly expanding institutional investors worldwide. With assets exceeding $500 billion under management, CPP Investments is dedicated to professionally managing the funds of the Canada Pension Plan (CPP) to ensure long-term sustainability.

This role is a contract position. Reporting directly to the Managing Director of Cyber & Technology Risk Management, the Cyber Risk Management Lead will concentrate on reducing cyber, technology, and data risks by aiding in the execution of a risk management and internal control framework, particularly within the Technology & Data (T&D) and Information Security (Infosec) divisions.

Your responsibilities will include:

  • Formulating and executing cyber and technology risk management strategies to safeguard the organization's vital information assets and systems.
  • Providing regular insights through Key Risk Indicators (KRIs) and other methods to senior leadership and stakeholders regarding the fund's cyber and technology risk landscape.
  • Assisting in the enhancement and execution of a first line of defense risk and control assessment capability.
  • Contributing to the development and revision of essential documentation to support T&D and Infosec processes and address organization-wide risks.
  • Facilitating the establishment of necessary standards along with governance and monitoring to ensure compliance and manage exceptions.
  • Overseeing and ensuring timely completion of action plans that address findings from audits and reviews across the three lines of defense.
  • Identifying risks and collaborating with colleagues from Legal, Compliance, Risk, T&D, and Infosec to implement effective mitigation strategies.

If you possess many of the following qualifications, we would like to hear from you:

Knowledge/ Skills/ Competencies/ Qualities Required

Education & Professional Certifications:

  • A bachelor's degree is required, preferably in Technology, Data Science, Business, Finance, or a related field; a postgraduate degree is advantageous.
  • Industry-recognized IT certifications (e.g., CISA, CRISC, CISM, CISSP) or equivalent certifications are preferred.

Professional Experience:

  • Extensive knowledge in IT, risk management, business resiliency, network management/architecture, vendor risk management, vulnerability management, information security, and data protection/management.
  • A minimum of 8 years of progressive management experience in technology and/or information risk management within complex financial institutions or investment firms.
  • Familiarity with governance, risk, and compliance frameworks such as ITIL, NIST, COSO, COBIT, etc.
  • Ability to assess components of an institution's IT/information security program and provide guidance on its capacity to identify, protect, respond, and recover from threats and incidents.
  • Capability to comprehend and communicate intricate technical issues to both technical and non-technical audiences.
  • Ability to make decisions and recommendations that effectively balance risk mitigation objectives with operational impacts on processes and departments.
  • Expertise in designing and evaluating risk-based internal control programs, analyzing situations, reaching appropriate conclusions, and making practical recommendations.
  • Exceptional communication skills (both written and oral) with the ability to present concepts or events clearly and effectively.
  • Strong judgment and creativity; excellent problem-solving and analytical skills; ability to process a significant volume of information and draw meaningful conclusions.
  • Proven ability to build and maintain professional relationships and influence others effectively at senior management, peer, and staff levels.
  • Ability to adapt to rapidly changing business needs and priorities with meticulous attention to detail and consistent performance.
  • Self-motivated and capable of working independently as well as collaboratively within a team, appreciating diverse perspectives and opinions.
  • Demonstrated ability to manage multiple complex engagements simultaneously and prioritize work effectively.
  • Demonstrated willingness and ability to stay informed about current investment business trends and organizational developments that could impact CPP Investments' operational and risk environment.

At CPP Investments, we are committed to diversity and equitable access to employment opportunities based on ability.

We appreciate all applicants for their interest; however, only candidates selected to advance in the hiring process will be contacted.

  • Senior Manager, IT and Cyber Risk and Control

    1 day ago

    Old Toronto, Ontario, Canada Accoravillage Full time

    About the RoleWe are seeking a highly skilled and experienced Senior Manager, IT and Cyber Risk and Control to join our team at Accoravillage. As a key member of our organization, you will be responsible for leading the development, implementation, and monitoring of our IT and Cyber Risk Management program.Key ResponsibilitiesLead the IT and Cyber Risk...

  • Senior Manager, IT and Cyber Risk and Control

    23 hours ago

    Old Toronto, Ontario, Canada Accoravillage Full time

    About the RoleWe are seeking a highly skilled and experienced Senior Manager, IT and Cyber Risk and Control to join our team at Accoravillage. As a key member of our organization, you will be responsible for leading the development, implementation, and monitoring of our IT and Cyber Risk Management program.Key ResponsibilitiesLead the IT and Cyber Risk...

  • Cyber Risk Management Leader

    2 days ago

    Old Toronto, Ontario, Canada ERGO Group AG Full time

    Job SummaryWe are seeking a highly skilled and experienced Cyber Risk Management Leader to join our team at ERGO Group AG. As Assistant Vice President Cyber Practice, you will be responsible for driving profitable growth of our Cyber portfolio across Commercial and Personal Lines in Canada.Key ResponsibilitiesCollaborate with Distribution stakeholders,...

  • Cyber Risk Management Leader

    2 days ago

    Old Toronto, Ontario, Canada ERGO Group AG Full time

    Job SummaryWe are seeking a highly skilled and experienced Cyber Risk Management Leader to join our team at ERGO Group AG. As Assistant Vice President Cyber Practice, you will be responsible for driving profitable growth of our Cyber portfolio across Commercial and Personal Lines in Canada.Key ResponsibilitiesCollaborate with Distribution stakeholders,...

  • Cyber Risk Management Leader

    4 weeks ago

    Old Toronto, Ontario, Canada CPP Investments Full time

    Manager, Cyber & Technology Risk Management, Information & Corporate SecurityContractFunction: Information TechnologyMake a significant impact at a global investment organizationAt CPP Investments, you will be part of a highly regarded and rapidly expanding institutional investor. With assets exceeding $500 billion, we are dedicated to managing the funds of...

  • Cyber Risk Management Leader

    4 weeks ago

    Old Toronto, Ontario, Canada CPP Investments Full time

    Manager, Cyber & Technology Risk Management, Information & Corporate SecurityContractFunction: Information TechnologyMake a significant impact within a global investment organizationAt CPP Investments, you will be part of a highly regarded and rapidly expanding institutional investor managing assets exceeding $500 billion. Our organization is dedicated to...

  • Cyber Security Risk Manager

    24 hours ago

    Old Toronto, Ontario, Canada Munich Re Full time

    About the RoleMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team. As a key member of our Enterprise Risk Management team, you will play a critical role in identifying, prioritizing, and mitigating cyber security risks across our Life and Health North America entities.Key ResponsibilitiesAct as the second line of defense for...

  • Cyber Security Risk Manager

    22 hours ago

    Old Toronto, Ontario, Canada Munich Re Full time

    About the RoleMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team. As a key member of our Enterprise Risk Management team, you will play a critical role in identifying, prioritizing, and mitigating cyber security risks across our Life and Health North America entities.Key ResponsibilitiesAct as the second line of defense for...

  • Cyber Risk Management Leader

    1 week ago

    Toronto, Ontario, Canada Royal Bank of Canada Full time

    About the RoleThe Director of Cyber Diligence & Integration at Royal Bank of Canada is responsible for leading and managing cyber-related activities across multiple M&A initiatives and business programs. This includes research, due diligence, integration, and transition phases.Key ResponsibilitiesDevelop and implement cyber diligence strategies to ensure...

  • Lead Cyber Security and IT Risk Strategist

    4 weeks ago

    Toronto, Ontario, Canada Scotiabank Full time

    Requisition ID: 202989Join a purpose-driven team that is dedicated to achieving results within an inclusive and high-performing culture.As the Lead Cyber Security and IT Risk Strategist, you will play a pivotal role in the successful development and implementation of a second line of defense program for Cyber Security and IT risk. Your responsibilities will...

  • Cyber Security Risk Manager

    20 hours ago

    Toronto, Ontario, Canada Munich Re Full time

    {"title": "Cyber Security Risk Manager", "content": "Cyber Security Risk ManagerMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team in Munich Re's Life and Health North America (LHNA) entities. As a key member of the Enterprise Risk Management team, you will be responsible for identifying, prioritizing, and communicating cyber...

  • Cyber Security Risk Manager

    24 hours ago

    Toronto, Ontario, Canada Munich Re Full time

    {"title": "Cyber Security Risk Manager", "content": "Cyber Security Risk ManagerMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team in Munich Re's Life and Health North America (LHNA) entities. As a key member of the Enterprise Risk Management team, you will be responsible for identifying, prioritizing, and communicating cyber...

  • Lead Cyber Security and IT Risk Strategist

    4 weeks ago

    Toronto, Ontario, Canada Scotiabank Full time

    Requisition ID: 202989 Join a purpose-driven team that is dedicated to achieving results within an inclusive and high-performing culture. As the Lead Cyber Security and IT Risk Strategist, you will play a pivotal role in the successful design and implementation of a second line of defense program focused on Cyber Security and IT risk. Your...

  • Cyber Security Risk Manager

    7 hours ago

    Toronto, Ontario, Canada Munich Re Full time

    About the RoleMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team. As a key member of our Enterprise Risk Management team, you will play a critical role in identifying, prioritizing, and mitigating cyber security risks across our Life and Health North America entities.Key ResponsibilitiesSupport the development and...

  • Cyber Security Risk Manager

    3 hours ago

    Toronto, Ontario, Canada Munich Re Full time

    About the RoleMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team. As a key member of our Enterprise Risk Management team, you will play a critical role in identifying, prioritizing, and mitigating cyber security risks across our Life and Health North America entities.Key ResponsibilitiesSupport the development and...

  • Cyber Risk Management Manager

    4 weeks ago

    Toronto, Ontario, Canada Parkeryacht Full time

    Cyber Risk Management Manager, Information & Corporate Security Parkeryacht Explore Parkeryacht, a leading organization in the investment management sector. Discover our mission, strategies, and how we contribute to financial security for our stakeholders. Make a significant impact in a dynamic investment environment By investing your career with...

  • Cyber Security Risk Manager

    2 weeks ago

    Toronto, Ontario, Canada Munich Re Full time

    About the RoleMunich Re is seeking a highly skilled Cyber Security Risk Manager to join our team. As a key member of our Enterprise Risk Management team, you will play a critical role in identifying, prioritizing, and mitigating cyber security risks across our Life and Health North America entities.Key ResponsibilitiesInterim LHNA Cluster Information...

  • Senior Manager, IT and Cyber Risk and Control

    2 days ago

    Toronto, Ontario, Canada Accoravillage Full time

    About the RoleWe are seeking a highly skilled and experienced Senior Manager, IT and Cyber Risk and Control to join our team at Accoravillage. As a key member of our organization, you will be responsible for leading the development, implementation, and monitoring of our IT and Cyber Risk and Control program.Key ResponsibilitiesLead the IT and Cyber Risk and...

  • Senior Manager, IT and Cyber Risk and Control

    2 days ago

    Toronto, Ontario, Canada Accoravillage Full time

    About the RoleWe are seeking a highly skilled and experienced Senior Manager, IT and Cyber Risk and Control to join our team at Accoravillage. As a key member of our organization, you will be responsible for leading the development, implementation, and monitoring of our IT and Cyber Risk and Control program.Key ResponsibilitiesLead the IT and Cyber Risk and...

  • Cyber Risk Management Leader

    6 days ago

    Old Toronto, Ontario, Canada AIG Full time

    About the RoleWe are seeking a highly skilled and experienced Cyber Risk Management Leader to join our team at AIG. As an Assistant Vice President, Cyber & Professional Liability, you will play a key leadership role in driving business growth and delivering profitable underwriting results.Key ResponsibilitiesUnderwriting: Operate within the Cyber &...