Director IT Risk

Empire Life is hiring a Director IT Risk & Compliance to join our Information Technology team. This role supports IT’s ownership and management of risks, governance, regulation and compliance within the IT domain. The incumbent will help design, implement and maintain robust internal controls to ensure a compliant and well-governed operating environment. The role leads risk management within the business unit, ensuring policies owned by the business unit are appropriate, compliant and auditable. In collaboration with Risk Management, Corporate Compliance, Audit Services, and Legal, the role ensures IT adherence to internal risk management policies and external regulatory requirements while promoting efficient processes that drive operational excellence. The position operates within a matrix reporting structure, directly reporting to the SVP, IT and CTO, with functional accountability through a dotted-line relationship to the Chief Risk Officer and to the Chief Compliance Officer as required for the BUCO role and other duties as appropriate. Why pursue this opportunity The role - this is a new position and your chance to join a growing team, while being provided the opportunity to make an impact. Assume a pivotal leadership position - harness your expertise to deliver impactful results, shaping and leading your area with experienced foresight. Influence and innovate at the highest level - we welcome leaders who bring a dynamic blend of fresh perspectives and leading practices to steer our strategic course. What you’ll be working on Identifies IT risks, ensuring appropriate controls and monitoring mechanisms are in place. Identifies emerging risks and works within IT to quantify the exposure of the emerging risks and their potential impact on the business. Collaborates with Risk Management to develop reporting to assist the division in executing on expectations of the Company’s Enterprise Risk Management Framework including the maintenance of inventories/databases. Participates in Committees for various initiatives to identify operational risk and recommend appropriate controls and mitigation activities. Participates in the company-wide project to identify risk from third party providers and create appropriate documentation, administration, reporting, and regulatory compliant practices. Participation in all corporate cyber risk programs providing input and ensuring compliance processes are communicated within IT. Regulatory Compliance Supports the business unit in achieving and maintaining a compliant operating environment, including acting as the Business Unit Compliance Officer (BUCO) for IT. Stays abreast of regulatory changes impacting IT, ensuring the company adheres to relevant laws and regulations. Supports responses to inquiries from regulatory agencies. Participates in regulatory consultations and provides guidance and support to staff on divisional regulatory and compliance matters. Prepares and/or provides information required for regulatory reports. Ensures IT establishes and maintains effective mechanisms to identify, verify, and mitigate compliance risks, including annual RCM testing. Governance and Operations Collaborates with internal and company-wide stakeholders to review and enhance divisionally or functionally owned policies and governance practices, aligning with best practices and regulatory requirements. Understands the impact of legislative, regulatory and compliance changes on procedures, processes and systems; provides actionable recommendations to IT management. Ensures IT practices align with company-wide policies through ongoing monitoring and policy review, including tracking and reporting. Leads IT's Business Continuity Management efforts, ensuring alignment with corporate commitments and coordinating related activities. Audit Coordination and Controls Coordinates IT responses to internal and external audits, keeping management informed of progress and outcomes. Collaborates with Internal Audit to evaluate internal controls and identify opportunities for improvement, including addressing findings. Collaborates with Internal Audit to coordinate audit activity, scope, planning and timing with IT. Evaluates and improves divisional/functional procedures as required. General Participate in relevant Committees and functions as necessary. Leads investigations into privacy breaches and incidents within IT, supports broader investigations with Corporate Compliance and Legal, and completes required privacy reporting. Maintains and annually reviews control documents in the Ethidex Compliance software, including an inherent risk assessment for each control objective. What we’re looking for you to have Knowledge of insurance regulations and compliance requirements, with the ability to adapt to evolving regulatory landscapes. Demonstrated experience in internal audit, risk management, or compliance is strongly preferred. Bachelor’s degree in a relevant field or an equivalent combination of education and professional experience. Knowledge of policy creation and management principles. Strong and broad knowledge of risk and compliance related systems, processes and methodologies used cross-organizationally and any specific to the business unit/function. Experience implementing change management initiatives in alignment with strategic goals. Analytical and problem-solving skills. Excellent written, verbal, and interpersonal communication skills with the ability to influence and engage stakeholders at all levels. Strong relationship-building and negotiation skills, with the ability to collaborate effectively across all levels of the organization. Ability to manage multiple projects simultaneously, prioritize tasks and meet deadlines. Integrity and discretion in handling sensitive and confidential information. English language proficiency is required for communicating with customers, advisors, or employees across Canada. Beyond the salary For regular full-time positions, Empire Life offers a comprehensive total rewards package that includes: Competitive salaries with annual pay increases Annual bonus program for non-sales positions A comprehensive employer-funded benefits package starting from day one of employment, including life insurance, disability, health and dental and a health account Flexible work arrangements and an annual allotment of personal health days Four weeks annual vacation from hire date A defined contribution pension plan with generous employer matching Top up programs for parental leave and compassionate leave Employer-sponsored wellness and recognition programs A cash employee referral program To learn more about working at Empire Life, visit Get to know us Empire Life is proud to be an equal opportunity employer. We celebrate diversity, are committed to creating an inclusive environment, and welcome everyone to participate in our application process. We encourage those of all backgrounds and experiences to apply, even if you don\'t believe you meet each unique qualification outlined. Applicants will receive equal consideration without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, or age. Empire Life welcomes applications from people with disabilities and disabled people. Accommodations are available upon request for candidates taking part in all aspects of the screening and selection process. If you need this job posting in an alternative format or have any accessibility questions, please contact Seniority level Director Employment type Full-time Job function Information Technology and Accounting/Auditing Industries Insurance #J-18808-Ljbffr