Leader, Technology, Cyber & Business Continuity Management Oversight Risk

About The Position

Requirements

• 15+ years of progressive experience in technology risk management, cyber risk, ERM, or related disciplines within financial services or payments.
• Expertise in second-line tech/cyber risk functions, including independent challenge and oversight.
• Advanced knowledge of cyber risk management, including emerging threats, control frameworks (e.g., NIST, ISO 27001), and incident response.
• Strong understanding of ERM principles, risk appetite, control frameworks, RCSAs, CIRAs, and the Three Lines of Defense model.
• Experience engaging with regulatory bodies and leading enterprise-wide risk programs.
• Demonstrated experience providing oversight or leadership of Business Continuity Management (BCM) programs, including continuity planning (BIAs/BCPs), crisis management readiness, and enterprise-wide testing, with alignment to regulatory and operational resilience expectations.
• Exceptional communication skills for executive and Board-level engagement.
• Eligibility to work for Interac Corp. in Canada in a full-time capacity.

Nice To Haves

• Professional designations such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are considered assets.

Responsibilities

• Oversee and embed effective technology and cyber risk management practices across platforms, services, and business units, in alignment with enterprise risk frameworks and risk appetite.
• Serve as the enterprise’s independent second-line lead for technology and cyber risk, providing objective challenge, oversight, and thought leadership.
• Play a key role in supporting and overseeing the organization’s response to Bank of Canada regulatory expectations, ensuring second-line assurance over design, implementation, and ongoing effectiveness.
• Drive continuous improvement in cyber resilience, technology risk management, and operational resilience within a rapidly evolving digital and regulatory environment.
• Provide oversight of the enterprise Business Continuity Management (BCM) program, ensuring critical business services are supported by robust continuity planning, crisis management frameworks, and regular testing.
• Provide strategic second-line guidance and oversight for technology and cyber risk management across platforms and services, integrating enterprise risk frameworks and regulatory requirements into planning, delivery, and change management.
• Lead and oversee technology and cyber risk assessments, including Change Initiative Risk Assessments (CIRAs) and Risk & Control Self-Assessments (RCSAs), ensuring consistency with enterprise standards and regulatory expectations.
• Support and challenge first-line teams in the design and operation of controls related to cyber security, technology risk, and operational resilience.
• Coach and influence first-line leaders to strengthen technology and cyber risk capability and reinforce a strong, consistent risk culture.
• Serve as the independent second-line expert for technology and cyber risk, providing objective oversight and effective challenge across all business units.
• Oversee threat identification, control design, mitigation strategies, and incident response practices, ensuring risks are appropriately identified, assessed, and managed.
• Monitor technology and cyber Key Risk Indicators (KRIs), escalate emerging risks, and assess compliance with applicable regulatory standards and frameworks (e.g., Bank of Canada expectations, OSFI, NIST, ISO 27001, PCI DSS).
• Provide second-line oversight of emerging and cross-cutting risk areas, including: Third-party and vendor risk, Cloud security and digital infrastructure, AI governance and model risk, Operational resilience and critical service continuity.
• Provide second-line oversight and challenge of the organization’s readiness for, and adherence to, Bank of Canada supervisory expectations, including those related to cyber security, technology risk, operational resilience, and third-party dependencies.
• Partner with Legal, Compliance, and first-line teams to assess regulatory impacts, review remediation plans, and ensure sustainable risk management practices are embedded.
• Support regulatory examinations, supervisory interactions, and responses by providing independent risk perspectives, evidence of effective oversight, and clear articulation of risk posture.
• Monitor regulatory developments and emerging supervisory themes, advising senior leadership on implications for the technology and cyber risk profile.
• Represent technology and cyber risk themes at governance forums and deliver executive-level reporting and Board insights, translating complex risk concepts into actionable intelligence.
• Foster transparency, accountability, and operational effectiveness across the organization.
• Represent second line technology and cyber risk oversight matters at management committees, governance forums, and risk committees, including delivery of executive-level reporting and Board insights.

Benefits

• The hiring range for this position is $160,000 – $180,000, and you will also be eligible for our short-term incentive plan.
• Generous vacation and wellness days to help you recharge
• Comprehensive employer-paid benefits coverage for peace of mind
• Market-leading employer-funded RRSP program to invest in your future
• Flexible hybrid work model for better work-life balance
• Access to a free and confidential 24/7 employee & family assistance program to offer support for you and your immediate family
• Pregnancy and parental leave top-up to support growing families
• Charitable donation matching with United Way to amplify your impact