Technology Risk And Control Manager

Description:

Manager, Technology Risk and Control

Department: IT Security and Governance, Information Technology Operations and Security
Type: Full-Time - Permanent
Location: Toronto (Hybrid)
Posting Date: April 15th, 2026

At OPTrust, paying pensions today, preserving pensions for tomorrow is our mission and business.

When you choose OPTrust, you join a team of smart, talented people who fuel our success and have a passion for pensions. Everyone at OPTrust – in Toronto, London and Sydney – makes a meaningful impact. Our culture is driven by team members with different backgrounds and perspectives creating an inclusive and fulfilling place to work for everyone. We work in a fast-paced environment, but we find time to have fun and give back to the community.

What OPTrust offers you

Unique culture rooted in our core values – collaboration and teamwork, integrity, respect, flexibility, excellence and continuous improvement.
A purpose-driven environment where we all work towards the common goal of paying pensions today and preserving pensions for tomorrow.
Comprehensive benefits focused on your health and wellness, including dental, vision and extended health benefits, as well as membership in our world-class defined benefit pension plan.
A flexible, hybrid work model.
A dedicated inclusion, diversity and equity strategy with meaningful opportunities to participate, including our employee-led resource groups.
Extensive professional development opportunities and learning initiatives, including access to LinkedIn Learning, guest speakers, tuition reimbursement, professional association memberships, leadership development programmes, a mentorship programme, monthly professional development time and more.
A competitive vacation package with an additional work-life balance day.

About the role 

The Manager, Technology Risk & Control will lead a team responsible for IT audit, IT risk identification and mitigation, and divisional internal control processes. This includes managing responses to internal and external audit requests, overseeing audit execution, and reviewing findings. The role will also oversee Technical Change Management process and maintain the IT General Controls (ITGC) across the division, with a specific focus on designing, assessing, and testing all ITGC controls. The role will also lead / coordinate risk mitigation activities for the divisional operating processes to address the auditor’s recommendations.

What you’ll do

Lead and manage IT audit activities, including planning, executing, and reporting on external and internal IT audit projects.
Communicate audit findings and recommendations to senior management, including identifying areas for improvement and providing guidance on how to remediate control deficiencies!
Develop and implement action plans to address audit findings and recommendations, working closely with business partners to ensure timely and effective remediation.
Monitor and report on IT risk management activities, including ensuring that the risk mitigation strategies are effectively implemented and are achieving their intended results.
Evaluate the effectiveness of existing internal control processes and identify areas for improvement and develop processes and enhancements to strengthen and mitigate risks.
Ensure compliance with regulatory requirements and industry best practices; provide guidance and training to team members and business partners on internal control concepts and requirements.
Manage IT risks within the organisation, including identifying, assessing, and prioritising IT risks and developing and iimplementing risk mitigation strategies.
Create and conduct periodic reviews and testing of internal controls and report on areas of opportunities to mitigate risk.
Ensure baseline standards are followed and anomalies or exceptions are documented, approved and filed for audit purposes.
Responsible for IT Technical Change Management; responsible for managing all IT documentation & maintenance of records.
With input from Managers, prepare, negotiate, establish and monitor Service Level Agreements (SLA) with the organisations that consume IT services. Measure and report on vendor SLAs and KPIs
Responsible for coordinating the periodic execution of the activities required to test the IT Disaster Recovery and Business Continuity Plan
Develop and keep current policies, processes and procedures for the IT team, including audit and governance procedures.

Team Leadership Functions:

Responsible for building, developing and supporting teams that are capable, responsive and aligned to the needs of the organisation.
Responsible for team recruitment, including development of job specifications as required, interviewing and assessment of candidates.
Performance management and coaching of the management team and staff, including management of probationary periods, performance assessment, and feedback.
Responsible for annual budget preparation and ongoing monitoring of budget.
Provides leadership and advice on strategy, planning, staffing and operations as a member of the IT management team.
Participates in special projects and committees as required.
Promotes and enhances the desired OPTrust culture and values within the division and the organisation.
Other duties as assigned.

What you bring

Postsecondary education in business in an IT-related field
Professional IT audit or risk management certificates, such as a Certified Information System Auditor (CISA), Certified Risk & Information Systems Control (CRISC) or Certified Internal Auditor (CIA)
5 to 8 years of work experience in the pension, financial, or investment industry coupled with 10+ years in a management role with a focus on IT audit, governance or operations in a relevant IT environment.
Effective written and verbal communication skills, including presentations, training sessions and report writing.
Strong client-service orientation in addition to excellent interpersonal skills, tact and good judgement.
Proven track record as an effective team player and contributor with a demonstrated ability to meet deadlines consistently.
Excellent organisational and time management skills with a hands-on approach, driven to deliver results.
Strong analytical and problem-solving skills.
Extensive knowledge of information systems concepts for work applications, such as user interfaces, processes, security, database management and reports.
Extensive knowledge of information systems life cycle activities: functional specifications, conversion and user testing.
Extensive work process design experience, the development and analysis of options and providing recommendations.
Demonstrated team leadership skills, including coaching and development of technical staff.
Strong interpersonal skills, including the ability to build positive and productive relationships with other teams and individuals both inside and outside the organisation.
Strong leadership skills with a minimum of 5 years’ experience managing multiple IT teams.
Demonstrated strong client-service orientation, sound judgement, good organisational skills and personal flexibility.
Proven strong analytical and problem-solving skills and demonstrated ability in project management.
Demonstrated ability to meet deadlines consistently and multitask in a high-pressure environment.
Excellent understanding of the organisation's goals and objectives.
Highly self-motivated.
Keen attention to detail.
Ensure clear understanding and adherence to all OPTrust’s policies, procedures, and guidelines as well as living our values and fostering an inclusive culture.
Knowledge and skillsets in application controls, data governance, system development, outsourcing and IT infrastructure gained through a combination of advanced education and work experience in a technical capacity.
Experience with the preparation and delivery of training to support new work processes and application introduction.
Experience leading and managing projects – demonstrated understanding of the process of planning and implementing projects within budget and on time.
Significant experience in planning, budgeting, policy & standards development, prioritization and business activity co-ordination
Exemplify OPTrust’s values: collaboration and teamwork, integrity, respect, flexibility, excellence, and continuous improvement.