Our client, a major Canadian enterprise, is seeking a Technology Risk Manager with experience analyzing operational risk events, overseeing change management risks, and supporting control assessment and testing to validate the design, implementation, and operating effectiveness of key controls.
The candidate will work in a medium sized team of between 5-15 people.
...
-----------------------------------------------------------------------------------------------------
Advantages
Working with a leading provincial based financial institution.
Consistent Hours: Enjoy a stable 40-hour work week with a predictable schedule for scheduled maintenance.
Growth Potential: This contract includes a strong possibility of extension based on performance and project needs
Responsibilities
In the capacity of IT Risk Manager, you will collaborate with the Senior Risk Manager to enhance operational resilience framework. Responsibilities include analyzing operational risk events, overseeing change management risks, and supporting control assessment and testing to validate the design, implementation, and operating effectiveness of key controls.
The successful candidate will support adoption of the OSFI E-21 Operational Risk and Operational Resilience guidelines for critical CXT operations, identify control gaps, document findings, and work with stakeholders on remediation plans, management action plans, and formal risk acceptance where required.
The role will also include developing governance guidelines, operational job aids, and performance dashboards, while integrating operational resilience and control testing activities into broader enterprise risk management programs.
Direct the analysis of operational risk events to ensure the identification of root causes and the implementation of robust corrective and preventive measures, thereby mitigating the risk of future operational disruptions.
Evaluate operational risk event impacts in accordance with criteria, ensuring all significant occurrences are reported as operational losses or near misses to fulfill regulatory reporting requirements.
Review and authorize major IT changes by verifying risk assessments and approving stakeholder-vetted controls for implementation, testing, and contingency planning to ensure successful results.
Plan, execute, and document control testing to assess the design and operating effectiveness of key controls, identify control gaps, and escalate deficiencies in a timely manner.
Oversee root cause analysis for failed IT changes to develop preventive strategies and reduce future implementation failures.
Facilitate OSFI E21 implementation by providing strategic oversight and expert guidance on critical operations mapping, setting disruption tolerances, and managing the development and testing of severe but plausible event scenarios.
Validate technology and data risks against appetite, documenting mitigation plans and facilitating formal risk acceptance when required.
Enhance operational risk analysis, change oversight, and resilience initiatives. Ensure integration with enterprise programs like NIRAP, RCSA, and BCP (BIA, BCP, DRP), while aligning with Third-Party Risk, Cybersecurity, and Regulatory Risk Management.
Monitor remediation for deficiencies in incident management, change management, or resilience management, ensuring timely resolution and thorough GRC documentation.
Develop and report on key performance indicators and risk metrics to inform program maturity and decision-making.
Coach and mentor team members to support development in risk management practices and professional growth.
Qualifications
Technical & Professional Experience
Minimum 5–7 years of experience in risk management, IT audit, regulatory compliance, or technology governance roles.
Demonstrated expertise in control testing, regulatory compliance frameworks, and governance processes.
Experience leading or supporting the implementation of OSFI Guidelines (e.g., OSFI E 21, B10, B13)
Strong knowledge of risk management frameworks (e.g., COSO, COBIT, ISO 31000), and governance tools (e.g., Metricstream, Archer, ServiceNow GRC, or equivalent)..
Exceptional analytical skills with the ability to synthesize complex information and develop clear, actionable insights.
Strong written and verbal communication skills, with experience presenting findings and recommendations to senior leadership.
Proficiency in leveraging automation, data analytics, or AI in support of operational resilience program enhancements is considered an asset.
Education
Bachelor’s degree in Business, Information Systems, Accounting, Risk Management, or a related discipline is required.
Certifications
One or more of the following designations strongly preferred:
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Internal Auditor (CIA)
Certified Risk Management Assurance (CRMA)
Certified Information Systems Security Professional (CISSP)
Summary
Position Title: Technology Risk Manager
Position Type: Contract (Possibility of extension)
Hours: 40 hours/week
Location: Hybrid, Calgary (1 day/week)
Pay Rate: $64-80/hr INC
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
Our client, a major Canadian enterprise, is seeking a Technology Risk Manager with experience analyzing operational risk events, overseeing change management risks, and supporting control assessment and testing to validate the design, implementation, and operating effectiveness of key controls.
The candidate will work in a medium sized team of between 5-15 people.
-----------------------------------------------------------------------------------------------------
Advantages
Working with a leading provincial based financial institution.
Consistent Hours: Enjoy a stable 40-hour work week with a predictable schedule for scheduled maintenance.
Growth Potential: This contract includes a strong possibility of extension based on performance and project needs
Responsibilities
In the capacity of IT Risk Manager, you will collaborate with the Senior Risk Manager to enhance operational resilience framework. Responsibilities include analyzing operational risk events, overseeing change management risks, and supporting control assessment and testing to validate the design, implementation, and operating effectiveness of key controls.
...
The successful candidate will support adoption of the OSFI E-21 Operational Risk and Operational Resilience guidelines for critical CXT operations, identify control gaps, document findings, and work with stakeholders on remediation plans, management action plans, and formal risk acceptance where required.
The role will also include developing governance guidelines, operational job aids, and performance dashboards, while integrating operational resilience and control testing activities into broader enterprise risk management programs.
Direct the analysis of operational risk events to ensure the identification of root causes and the implementation of robust corrective and preventive measures, thereby mitigating the risk of future operational disruptions.
Evaluate operational risk event impacts in accordance with criteria, ensuring all significant occurrences are reported as operational losses or near misses to fulfill regulatory reporting requirements.
Review and authorize major IT changes by verifying risk assessments and approving stakeholder-vetted controls for implementation, testing, and contingency planning to ensure successful results.
Plan, execute, and document control testing to assess the design and operating effectiveness of key controls, identify control gaps, and escalate deficiencies in a timely manner.
Oversee root cause analysis for failed IT changes to develop preventive strategies and reduce future implementation failures.
Facilitate OSFI E21 implementation by providing strategic oversight and expert guidance on critical operations mapping, setting disruption tolerances, and managing the development and testing of severe but plausible event scenarios.
Validate technology and data risks against appetite, documenting mitigation plans and facilitating formal risk acceptance when required.
Enhance operational risk analysis, change oversight, and resilience initiatives. Ensure integration with enterprise programs like NIRAP, RCSA, and BCP (BIA, BCP, DRP), while aligning with Third-Party Risk, Cybersecurity, and Regulatory Risk Management.
Monitor remediation for deficiencies in incident management, change management, or resilience management, ensuring timely resolution and thorough GRC documentation.
Develop and report on key performance indicators and risk metrics to inform program maturity and decision-making.
Coach and mentor team members to support development in risk management practices and professional growth.
Qualifications
Technical & Professional Experience
Minimum 5–7 years of experience in risk management, IT audit, regulatory compliance, or technology governance roles.
Demonstrated expertise in control testing, regulatory compliance frameworks, and governance processes.
Experience leading or supporting the implementation of OSFI Guidelines (e.g., OSFI E 21, B10, B13)
Strong knowledge of risk management frameworks (e.g., COSO, COBIT, ISO 31000), and governance tools (e.g., Metricstream, Archer, ServiceNow GRC, or equivalent)..
Exceptional analytical skills with the ability to synthesize complex information and develop clear, actionable insights.
Strong written and verbal communication skills, with experience presenting findings and recommendations to senior leadership.
Proficiency in leveraging automation, data analytics, or AI in support of operational resilience program enhancements is considered an asset.
Education
Bachelor’s degree in Business, Information Systems, Accounting, Risk Management, or a related discipline is required.
Certifications
One or more of the following designations strongly preferred:
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Certified Internal Auditor (CIA)
Certified Risk Management Assurance (CRMA)
Certified Information Systems Security Professional (CISSP)
Summary
Position Title: Technology Risk Manager
Position Type: Contract (Possibility of extension)
Hours: 40 hours/week
Location: Hybrid, Calgary (1 day/week)
Pay Rate: $64-80/hr INC
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more