Manager, Risk

FortraCanada-Ontario, ON
CA$110,000 - CA$130,000

About The Position

The Risk Manager will support the Director of Risk & Security by leading internal audit and risk management activities across the organization. This role encompasses both traditional enterprise risk management (ERM) functions and emerging readiness efforts aimed at evaluating the organization’s ability to respond to a range of global threat scenarios. This is a hands-on position spanning multiple domains, including operational risk, IT and cybersecurity risk, third-party/vendor risk, compliance monitoring, policy governance, and business continuity planning. The Risk Manager will be responsible for guiding enterprise risk assessments, driving remediation efforts, and informing strategic decision-making through clear, high-impact reporting and advisory support. The ideal candidate brings strong technical risk acumen, demonstrated leadership capability, and the ability to operate effectively in a fast-paced, cross-functional environment. Success in this role requires building trust, fostering transparency, and collaborating across teams to strengthen the organization’s overall risk posture.

Requirements

  • Bachelor’s degree in Risk Management, Business, Accounting, Information Security, or related field.
  • 5+ years of relevant experience in risk management, internal audit, or compliance.
  • 2+ years in a people leadership role.
  • Strong knowledge of risk frameworks (e.g., COSO, ISO 31000, NIST).
  • Work experience and/or background in technology-based roles or industry
  • Excellent communication, analytical, and stakeholder engagement skills.
  • Ability to manage multiple priorities in a dynamic, fast-paced environment.
  • Proficiency in English to interact, support and/or provide services to non-French speaking customers, employees and/or partners inside and/or outside the province of Quebec.

Nice To Haves

  • Professional certifications such as CRMA, CISM, CISA, CIA, or equivalent preferred.
  • Familiarity with GRC platforms (e.g., Hyperproof, Archer, ServiceNow GRC, MetricStream).
  • Experience working in regulated industries (e.g., government, healthcare, financial services).
  • Working knowledge of cybersecurity, data privacy, or third-party risk management.

Responsibilities

  • Conduct and coordinate enterprise-wide risk assessments to identify and evaluate current and emerging risks.
  • Maintain and continuously improve the organization’s risk register, control libraries, and mitigation plans.
  • Lead root cause analysis and corrective action planning for key risk incidents, control failures, and audit findings.
  • Partner with IT and Procurement to assess and monitor third-party risk, including due diligence, contract risk review, and ongoing oversight.
  • Support the cybersecurity team in aligning risk management practices with frameworks such as NIST, ISO, and other industry standards.
  • Ensure adherence to internal policies, regulatory requirements (e.g., SOX, GDPR, HIPAA), and industry standards.
  • Monitor compliance metrics and escalate issues requiring executive visibility.
  • Contribute to the development, maintenance, and communication of risk-related policies, procedures, and training programs.
  • Prepare risk dashboards, heat maps, and executive summaries for the Director of Risk & Security, senior leadership, and audit committees.
  • Serve as a primary liaison for external auditors, regulators, and business unit leaders.
  • Communicate complex risk topics clearly to both technical and non-technical audiences.
  • Collaborate with IT, Legal, Product, and other departments to assess operational, cybersecurity, and third-party risks.
  • Promote a culture of risk awareness, accountability, and continuous improvement across the organization.

Benefits

  • competitive benefits and salaries
  • personal and professional development opportunities
  • flexibility
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service