Director, Information Technology Risk

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

**About the role**

Are you passionate about strengthening how organizations manage technology risk? Do you thrive in roles where relationship-building, thoughtful challenge, and creative thinking are just as important as technical know-how? If so, we’d love to meet you.

We're looking for a Director, Information Technology Risk to join our growing second line risk team. This role will play a key part in ensuring technology risk is effectively managed across the company, by providing independent oversight, maintaining policy and governance frameworks, and leading targeted risk reviews.

You'll be joining a team in the heart of an exciting journey, working to build a modern, effective second line function that adapts to the evolving risk landscape in technology. Our goal is broad, meaningful oversight that adds real value, not just process.

You'll report to a leader who values curiosity, integrity, and thoughtful challenge. Someone who encourages experimentation, supports continuous learning, and fosters a collaborative agile environment.

**What you'll be doing**
- Serve as a trusted expert to first line technology teams, offering expert advice and challenge in a constructive, relationship-centric way.
- Support the execution and maintenance of second line’s Information Technology Risk oversight program:

- Maintain and challenge the IT Risk Policy, Enterprise Operating Guideline and ensure continued alignment across related documents at the business group/unit levels.
- Monitor and evaluate technology risk indicators, major incidents, operational risk events, and policy non-compliances and assess their impact to the Organizations IT risk profile.
- Challenge middle and senior management’s Risk and Control Self Assessments (RCSA).
- Collaborate with the first line Management to establish and renew Key Risk Indicators (KRIs) annually.
- Support second line technology monitoring and challenge activities:

- Participate in annual/ quarterly planning exercises by recommending technology processes for oversight and challenge.
- Lead and participate in the execution of targeted reviews of key technology processes.
- Coordinate and collaborate on challenge planning, execution, and learnings with Business Group and CoE team members.
- Lead the quarterly reporting of IT Risk related metrics and messages to various Risk Committees.
- Actively contribute to the teams ongoing growth and improvement by sharing ideas, exploring innovative approached, testing new tools, and helping to find more efficient ways of working.
- Stay current with industry best practices and trends.

**What you'll need to succeed**
- At least 10 years of experience in roles related to information technology, operational risk, or technology governance.
- A Bachelors Degree in Computer Science, Business, or Risk Management
- Experience working with technology frameworks, policies, or control programs (e.g., ITIL, COBIT).
- A strong understanding of technology practices across large complex organizations.
- Excellent communication skills, both written and verbal. You're comfortable presenting, writing guidance, and engaging diplomatically across levels.
- Experience using data to derive insights.
- Organized, self-driven, and capable of independently managing priorities.
- A collaborative approach and the ability to build strong working relationships with technical and non-technical colleagues.
- A keen eye for identifying risk, asking the right questions, and following through until issues are resolved.
- Familiarity with risk and IT service management tooling would be an asset.

**What's in it for you**:

- Being a member of the Sun Life family, a group of people united by our Purpose: to help Clients and Employees achieve lifetime financial security and live healthier lives.
- In 2024, Sun Life ranked among the top 100 most sustainable global corporations by Corporate Knights for the 15th consecutive year, leading Canadian insurers.
- We are proud to be on the 2024 Best Workplaces in Canada list by Great Place to Work.
- We’re also listed as one of the Best Workplaces for Women and Best Workplaces with Most Trusted Executive Teams.
- Our unique Sabbatical Program gives you the opportunity to take up to 6 weeks off, every five years.
- Care Days available for self-care or care of others (i.e., family or others you may support) and Sick Days to support your well-being.