Director, Risk and Controls, CRE

About The Position

Requirements

• A minimum of 7 years in progressive roles in Operational Risk, Audit, or Controls leadership.
• Proven experience managing regulatory or audit interactions.
• University degree in business, finance, risk management, or a related field, and/or equivalent combination of education and relevant experience.
• Strong understanding of enterprise risk frameworks, governance, and CAP management.

Nice To Haves

• Relevant professional certification/designation (e.g., CIA, CISA, CRMA, CBCP) is an asset.
• Expertise in RCSA frameworks, audit management, and control environments.

Responsibilities

• Define and lead the CRE risk framework, including Risk Assessments approach, scope, prioritization, and integration with CRE Risk & Technology initiatives.
• Design and implement risk processes and tools ensuring alignment with the firm’s enterprise risk framework, leveraging approved technology standards and meeting the needs of all key risk stakeholders across the organization.
• Provide oversight, challenge, and sign-off on risk assessments, and audit planning priorities across CRE.
• Embed enterprise approval requirements, thresholds, and governance checkpoints into RCSA design and execution.
• Establish risk tracking mechanisms (centralized logs, timelines, etc.) to provide visibility into risk exposures and remediation progress.
• Establish control design standards, procedures, and documentation across CRE.
• Evaluate current risks and identify emerging risks facing the business unit, and ensure that controls are properly focused.
• Lead process development and ongoing updates to the Risk and Controls Framework, ensuring consistency across regions, platforms, and programs.
• Ensure the control environment supports audit, regulatory, privacy, and approval requirements, including BUSO governance where applicable.
• Integrate enterprise approval workflows (thresholds, contract approvals, policy exceptions) into control design.
• Govern enterprise approval frameworks across CRE.
• Ensure all approvals are captured and stored with clear audit trails.
• Drive standardization and automation of approval tracking and reporting.
• Define and maintain centralized repositories for control documentation, approvals, and artifacts.
• Implement standardized control tracking tools to monitor effectiveness, ownership, and deficiencies.
• Act as primary interface with Internal Audit, OSFI, Risk leadership, and key control stakeholders.
• Lead audit planning, readiness, and execution across CRE, including coordination of evidence, stakeholder engagement, and assist in the development of remediation plans.
• Oversee issue management, CAPs, and remediation delivery to closure.
• Ensure approvals, risk decisions, and control evidence are fully traceable and audit-aligned.
• Develop audit-ready documentation frameworks including evidence libraries and approval logs.
• Monitor audit trends and findings to drive continuous improvement.
• Ensure CRE’s BCP, BIA, resilience, and pandemic readiness activities align to risk assessments and enterprise standards.
• Provide oversight of continuity controls, testing requirements, and preparedness updates.
• Lead executive reporting across risk, audit, approvals, control effectiveness, key issues, and quarterly privacy reporting requirements.
• Define governance forums, escalation protocols, reporting cadence, and oversight for BUSO approvals where applicable.
• Drive integration of approvals, policies, procedures, and privacy obligations into the broader risk framework.
• Establish enterprise-aligned governance ensuring all initiatives meet approval requirements.
• Deliver consolidated reporting on approvals, audit readiness, and remediation tracking.
• Implement end-to-end tracking of approvals, exceptions, and deviations.

Benefits

• health
• dental
• mental health
• vision
• short- and long-term disability
• life and AD&D insurance coverage
• adoption/surrogacy and wellness benefits
• employee/family assistance plans
• pension
• global share ownership plan with employer matching contributions
• financial education and counseling resources
• holidays
• vacation
• personal
• sick days