Manager, IT Governance and Risk

Why you'll love working here:

• high-performance, people-focused culture
• our commitment that equity, diversity, and inclusion are fundamental to our work environment and business success, which helps employees feel valued and empowered to be their authentic selves
• learning and development initiatives, including workshops, Speaker Series events and access to LinkedIn Learning, that support employees' career growth
• membership in HOOPP's world class defined benefit pension plan, which can serve as an important part of your retirement security
• competitive, 100% company-paid extended health and dental benefits for permanent employees, including coverage supporting our team's diversity and mental health (e.g., gender affirmation, fertility and drug treatment, psychological support benefits of $2,500 per year, parental leave top-up, and a health spending account).
• optional post-retirement health and dental benefits subsidized at 50%
• yoga classes, meditation workshops, nutritional consultations, and wellness seminars
• the opportunity to make a difference and help take care of those who care for us, by providing a financially secure retirement for Ontario healthcare workers

Job Summary

The Manager, IT Governance and Risk plays an integral role within the IT Governance, Risk and Compliance (GRC) team of HOOPP's Project Management Office and Governance ("PMO & Governance"). PMO & Governance is one of six groups within the Information Technology Division of HOOPP.

Reporting to the Senior Manager, Technology Governance, Risk & Compliance, the Manager is a leader in IT risk management and governance for the organization by delivering, optimizing, and maintaining HOOPP's IT Risk Program while supporting our investment technology and cloud and data platform teams. The Manager will be responsible for providing exceptional IT risk management and governance support, optimize HOOPP's IT risk management and governance processes, and to foster, advocate for, and strengthen HOOPP's IT risk culture.

What you will do:

• Connect with IT teams to understand their business processes, how they manage risks, and advise on their risks and concerns.

• Contribute to the development and update of IT Governance documents including policies, standards, procedures, and guidelines in support of HOOPP's GRC practices.

• Support risk reporting (KRIs & KPIs) activities and proactive control testing.

• Perform risk assessments for existing processes and new IT initiatives including risk identification, control evaluation and residual risk treatment plans.

• Assist in defining and maintaining IT Risk metrics and dashboards.
• Design controls in partnership with IT teams to address risks.
• Drive compliance related initiatives including the performance of gap assessments for new and existing policies and standards.
• Lead internal control assessments, issue management, remediation tracking and stakeholder communication.
• Promote risk awareness and culture.
• Provide regular status updates ensuring stakeholders are aware of progress and roadblocks.
• Maintain a thorough understanding of technology and GRC practices to assist with IT risk management in a rapidly changing IT environment.
• Handle ad hoc requests or inquiries related to Risk and Control initiatives and function.

What you will bring:

• 7+ years of experience in IT Governance, IT Risk & Compliance, and IT Audit combined with a strong understanding of risk methodologies, frameworks, and practices (ISO standards, COBIT, CIS, COSO, NIST, etc.) Experience in the Financial Services Industry / Capital Markets is an asset.

• Experience in developing and/or reviewing IT Governance documents such as policies, standards, and procedures.

• Experience with control and risk frameworks, performing compliance and risk assessments, designing controls, and overseeing mitigation projects.

• Experience in developing and reporting performance and risk metrics, such as KPIs, KRIs, SLA's, OKR reporting and dashboards for executive leadership teams.

• Experience in domains like Technology Infrastructure, Identity and Access, Change Management etc.,

• Experience working in an agile environment (software development, infrastructure, and shared services) and ability to learn new and emerging technologies.

• A proven team player, who possesses initiative, can work independently and with minimal supervision.

• Strong analytical and problem-solving skills with the ability to think critically, innovate and drive change
• Strategic and independent thinker able to make decisions in ambiguous situations while balancing 'efficiency in delivery' vs. standards/processes'.
• Excellent communication, collaboration and relationship management skills. Ability to communicate, influence and engage with business stakeholders.

• A detail-oriented self-starter with strong time management and organizational skills and the ability to meet tight deadlines.

• Experience in areas of Data Governance, Cloud Governance is an asset.

• Knowledge of public cloud infrastructure (Azure and Amazon Web Services) is an asset.
• Experience with ServiceNow GRC platform is preferred.
• Industry certifications such as CRISC, CISA, CISM, CGEIT, CISSP, CCSP etc. is an asset.

The expected annual base salary range for this role is: $86,000 - $131,000 CAD

The actual base salary offered to the successful candidate may vary based on multiple factors including, but not limited to, individual's expertise and level of experience applicable to the role they are being offered.
This role is eligible to participate in discretionary incentive plan(s), subject to the terms and conditions of the applicable incentive plan text.

This job is for an existing vacancy.

---