Director, Risk Management

Our Client: A leading global consumer packaged goods (CPG) company renowned for delivering some of the most recognized and trusted products in the market.

Location: Mississauga

• Oversee and manage all aspects of risk within the business unit, conducting ongoing assessments to determine required actions to strengthen risk management or reduce exposure in alignment with the unit’s risk profile and tolerance levels.
• Lead issue management by collaborating with business lines to develop and execute actionable plans that achieve desired outcomes within set timelines, while identifying patterns and implementing comprehensive remediation strategies.
• Serve as a subject matter expert, offering day‑to‑day guidance to business units on the effective implementation of regulations, internal policies, and industry best practices through procedures and operational guidelines.
• Conduct in‑depth risk assessments and provide strategic advice on appropriate risk mitigation measures.
• Facilitate risk and control self‑assessments (RCSA) across technology business lines, ensuring accurate evaluation and documentation of key risks and controls.
• Advise business units on risk and control considerations related to new products, processes, and strategic initiatives, supporting governance processes and ensuring proper control frameworks are in place.
• Provide risk coverage across programs by enabling consistent risk identification and treatment across all relevant systems and processes.

• 10+ years of experience in Information Technology, Information Security (preferably in the Application Security space), and/or Business Continuity.
• 5+ years of risk management experience gained from working in the financial services industry, preferably in Technology Risk or Operational Risk.
• Experience in an organization that is under strong regulatory oversight and scrutiny.
• Intermediate knowledge of internal controls and risk self‑assessment.
• Basic knowledge of business area processes and/or products and operations; regulatory requirements; and key processes, controls, and exposure areas.
• Understanding of FFIEC guidelines and handbooks, GLBA, SOX, PCI.
• Knowledge of industry‑recognized frameworks such as ISO 27001, ISO 20000, ISO 9001, ISO 31000, ISO 22301, COBIT, COSO, ITIL.
• Ability to analyze and synthesize many risk data points and help the business to prioritize mitigation.
• Analytical thinking skills.
• Strong business writing skills.
• Ability to effectively communicate with all levels of the organization.

Please e‑mail your resume to apply@prestonlang.com quoting JO103242 in the subject line.

We thank you in advance for your application; however, only those selected for an interview will be contacted.