Director, IT Risk Management

  • Sun Life
  • North York, Ontario
  • Full Time

You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

We seek an experienced and dynamic Director, IT Risk Management to lead the identification, assessment, and mitigation of IT risks across the Digital Business & Technology Solutions (DBTS) business group. This role will oversee the development and implementation of comprehensive IT risk management strategies.

The Director will collaborate with senior leadership, IT teams across DBTS, and other departments across Sun Life globally to ensure a proactive and comprehensive approach to IT risk management.

Key Responsibilities

  • Risk Control Self Assessments (RCSA) : Lead the identification, evaluation, and assessment of information technology risks through the RCSA process across DBTS. Monitor and report on the status of any mitigating action plans.
  • Policy Review: Participate in the review of IT policies, operating guidelines and directives.
  • Incident Response and Crisis Management : Maintain an inventory of all technology and cyber incidents, both reportable and not reportable.
  • Key Risk Indicators (KRI) : Responsible for ensuring DBTS KRIs are established, updated, monitored, and reported on.
  • Technology & Cyber Governance Model : Annually review, maintain, and obtain approval of Sun Life's technology and cyber governance model.
  • Operational Risk Events (ORE) : Responsible for ensuring that operational risk events are reported, tracked, actioned, and closed.
  • Regulatory : Lead the consolidation of quarterly supervisory materials for DBTS executives. Assist as needed on regulatory projects and requests related to technology and cyber.
  • Team Leadership and Development : Lead and mentor the IT risk management team, providing guidance on best practices, professional development, and performance goals. Foster a culture of risk awareness throughout the organization.
  • Stakeholder Communication : Produce the quarterly risk committee report for the DBTS executive team. Report regularly to senior leadership and other stakeholders on the current state of IT risks, mitigation efforts, and any new threats or vulnerabilities as needed.
  • Collaboration : Work closely with Sun Life second-line risk teams to ensure a comprehensive view of IT risks across the enterprise.
  • GRC Technology : Day-to-day management of the Governance, Risk, and Compliance tool used to support DBTS controls, waivers, and accepted risks. Ensure that the Corporate Risk systems are updated with relevant RCSA, ORE, and KRI data.
  • Continuous Improvement : Stay up to date with the latest developments in IT security, risk management practices, and emerging technologies. Recommend and implement improvements to existing risk management processes and tools.

Qualifications

  • Education : Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field. A master's degree or relevant certifications (e.g., CISSP, CISM, CRISC) is an asset.
  • Experience : At least 10 years of experience in IT risk management, with at least 5 years in a leadership role. Strong background in IT security, governance, compliance, and risk management frameworks.
  • Skills :
    • Extensive knowledge of IT risk management, cybersecurity principles, and compliance standards.
    • Experience in crisis management and incident response.
    • Proven ability to lead and develop a team.
    • Familiarity with risk management frameworks such as NIST, ISO 27001, COBIT, and ITIL.
    • Experience with insurance, banking, or other financial services environments is preferred.
    • Experience with ServiceNow would be an asset.
    • Excellent communication and interpersonal skills, with the ability to communicate complex technical concepts to non-technical stakeholders.
    • Strong analytical, problem-solving, and decision-making skills.
  • Certifications : Professional certifications such as CISSP, CISM, CRISC, or other relevant certifications are assets.

Work Environment & Physical Requirements

  • Ability to work in a fast-paced, evolving environment.
  • Flexible work hours may be necessary during periods of critical incidents or project deadlines.

What's in it for you?

  • Great Place to Work Certified for Most Trusted Executive Team in Canada - 2025, 2024 and 2023
  • Great Place to Work Certified for Best Workplaces in Canada - 2025
  • Canada Order of Excellence for Mental Health at Work certification from Excellence Canada. Sun Life is one of only four companies in Canada to ever receive this certification - 2024
  • Top Work Places for Remote Work Monster Canada - 2024
  • Great Place to Work Certified for Best Workplaces in Canada - 2024 and 2022
  • Great Place to Work Certified for Best Workplaces for Women in Canada - 2024
  • Flexible hybrid work model.
  • Pension, stock and savings programs to help build and enhance your future financial security
  • Work and professional development that is united by our Purpose: to help Clients and Employees achieve lifetime financial security and live healthier lives
  • A friendly, collaborative and inclusive culture
  • Be part of our continuous improvement journey in developing the next greatest digital enterprise experience.
  • Competitive salary and bonus structure influenced by market range data
  • The opportunity to move along a variety of career paths with amazing networking potential

The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.

Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.

Persons with disabilities who need accommodation in the application process or those needing job postings in an alternative format may e-mail a request to thebrightside@sunlife.com.

At Sun Life we strive to create a flexible work environment where our employees are empowered to do their best work. Several flexible work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.

We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

Salary Range:

105,000/105 000 - 180,000/180 000

Job Category:

Procurement

Posting End Date:

13/05/2025
Job ID: 475137145
Originally Posted on: 4/29/2025
