Manager, Technology Risk and Control

About The Position

Requirements

• Postsecondary education in business in an IT-related field
• Professional IT audit or risk management certificates, such as a Certified Information System Auditor (CISA), Certified Risk & Information Systems Control (CRISC) or Certified Internal Auditor (CIA)
• 5 to 8 years of work experience in the pension, financial, or investment industry coupled with 10+ years in a management role with a focus on IT audit, governance or operations in a relevant IT environment.
• Effective written and verbal communication skills, including presentations, training sessions and report writing.
• Strong client-service orientation in addition to excellent interpersonal skills, tact and good judgement.
• Proven track record as an effective team player and contributor with a demonstrated ability to meet deadlines consistently.
• Excellent organisational and time management skills with a hands-on approach, driven to deliver results.
• Strong analytical and problem-solving skills.
• Extensive knowledge of information systems concepts for work applications, such as user interfaces, processes, security, database management and reports.
• Extensive knowledge of information systems life cycle activities: functional specifications, conversion and user testing.
• Extensive work process design experience, the development and analysis of options and providing recommendations.
• Demonstrated team leadership skills, including coaching and development of technical staff.
• Strong interpersonal skills, including the ability to build positive and productive relationships with other teams and individuals both inside and outside the organisation.
• Strong leadership skills with a minimum of 5 years’ experience managing multiple IT teams.
• Demonstrated strong client-service orientation, sound judgement, good organisational skills and personal flexibility.
• Proven strong analytical and problem-solving skills and demonstrated ability in project management.
• Demonstrated ability to meet deadlines consistently and multitask in a high-pressure environment.
• Excellent understanding of the organisation's goals and objectives.
• Highly self-motivated.
• Keen attention to detail.
• Ensure clear understanding and adherence to all OPTrust’s policies, procedures, and guidelines as well as living our values and fostering an inclusive culture.
• Knowledge and skillsets in application controls, data governance, system development, outsourcing and IT infrastructure gained through a combination of advanced education and work experience in a technical capacity.
• Experience with the preparation and delivery of training to support new work processes and application introduction.
• Experience leading and managing projects – demonstrated understanding of the process of planning and implementing projects within budget and on time.
• Significant experience in planning, budgeting, policy & standards development, prioritization and business activity co-ordination.

Responsibilities

• Lead and manage IT audit activities, including planning, executing, and reporting on external and internal IT audit projects.
• Communicate audit findings and recommendations to senior management, including identifying areas for improvement and providing guidance on how to remediate control deficiencies.
• Develop and implement action plans to address audit findings and recommendations, working closely with business partners to ensure timely and effective remediation.
• Monitor and report on IT risk management activities, including ensuring that the risk mitigation strategies are effectively implemented and are achieving their intended results.
• Evaluate the effectiveness of existing internal control processes and identify areas for improvement and develop processes and enhancements to strengthen and mitigate risks.
• Ensure compliance with regulatory requirements and industry best practices, provide guidance and training to team members and business partners on internal control concepts and requirements.
• Manage IT risks within the organization, including identifying, assessing, and prioritizing IT risks, and developing and implementation of risk mitigation strategies.
• Create and conduct periodic reviews and testing of internal controls and report on areas of opportunities to mitigate risk.
• Ensure baseline standards are followed and anomalies or exceptions are documented approved and filed for audit purposes.
• Responsible for IT Technical Change Management; responsible for managing all IT documentation & maintenance of records.
• With input from Managers, prepare, negotiate, establish and monitor Service Level Agreements (SLA) with the organizations that consume IT services.
• Measure and report on vendor SLAs and KPIs.
• Responsible for coordinating the periodic execution of the activities required to test the IT Disaster Recovery and Business Continuity Plan.
• Develop and keep current policies, processes and procedures for the IT team including audit and governance procedures.
• Responsible for building, developing, and supporting teams that are capable, responsive and aligned to the needs of the organization.
• Responsible for team recruitment, including development of job specifications as required, interviewing and assessment of candidates.
• Performance management and coaching of the management team and staff, including management of probationary periods, performance assessment, and feedback.
• Responsible for annual budget preparation and on-going monitoring of budget.
• Provides leadership and advice on strategy, planning, staffing and operations as a member of the IT management team.
• Participates in special projects and committees as required.
• Promotes and enhances the desired OPTrust culture and values within the division and the organization.
• Other duties as assigned.

Benefits

• Comprehensive benefits focused on your health and wellness, including dental, vision and extended health benefits
• membership in our world-class defined benefit pension plan
• A flexible, hybrid work model
• Extensive professional development opportunities and learning initiatives including access to LinkedIn Learning, guest speakers, tuition reimbursement, professional association memberships, leadership development programs, a mentorship program, monthly professional development time and more.
• A competitive vacation package with additional work-life balance day.