Director, Technology Risk and Compliance, Digital & Client Technology Solutions

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

The Director, Technology Risk and Compliance will strategically develop, lead and oversee risk management and compliance programs for the Digital and Client Technology Solutions (DCTS) area, including: technology audits, business continuity, client assurance/privacy and application security compliance programs. This role will provide governance support and maintain a comprehensive risk management framework across Canada Technology's diverse portfolio.

• Anticipate and respond to emerging technology risks and Canadian regulatory changes affecting the organization
• Collaborate with Canadian senior management on strategic decisions impacting technology risk management
• Lead engagement with Canadian external stakeholders, regulators and industry bodies on complex compliance matters
• Support and coordinate the response to client inquiries on technology security and privacy frameworks

• Oversee comprehensive application security compliance programs spanning DCTS’s multiple disciplines and business units to ensure the framework and standards are adhered to
• Design, implement, and operate effective controls within the system to provide reasonable assurance that Sun Life Canada’s service commitments and system requirements are achieved
• Ensure delivery of audit processes to the adequate satisfaction of internal and external stakeholders from a governance and reporting perspective

• Direct comprehensive reviews of identity, entitlement and privileged access management processes across all critical Canadian applications
• Establish and manage strategic partnerships with Canadian business functions to enhance their access review capabilities and maturity
• Lead the development of Canada-specific risk management policies, standards and best practices ensuring alignment with regulatory requirements and industry frameworks

• Act as the Business Continuity (BC) Coordinator and work with DCTS leaders, Enterprise Services and Corporate BCP and compliance offices ensuring all BC objectives are completed for the DCTS organization in a timely manner, including Disaster Recovery exercises
• Act as the Record Management Subject Matter Expert and focal point for the annual Records Management Inventory review, working with the DCTS leaders
• Identify process-level risks, mitigation plans and communicate
• Manage relationships with senior Canadian leadership, executive levels and external auditors regarding technology risk posture

• Lead a team of 6‑10 resources handling the day‑to‑day activities related to technology risk and compliance for D CTS
• Ensure continual employee knowledge and skill growth through performance management process
• Promote constructive culture and employee engagement and drive for innovative thinking and solutions

• 10 or more years of progressive experience in Information Security, Risk Management or related functions with significant management experience
• Proven track record of leading complex, multi-disciplinary risk and compliance initiatives within large Canadian technology organizations
• Client focused mindset – exceed the expectations of our internal and external customers.
• Deep expertise in operational risk management frameworks and processes
• Comprehensive knowledge of Canadian regulatory compliance requirements and industry standards (ISO 27001, NIST, SOC 2, etc.)
• Exceptional communication and influencing skills with ability to present to Canadian executive leadership and external stakeholders
• Strong business acumen with understanding of Canadian financial services industry and regulatory environment
• Proven ability to build consensus and manage complex stakeholder relationships across Canada Technology

• Advanced certifications: CISSP, CISA, CRISC or equivalent enterprise security certifications
• Experience in Canadian financial services or highly regulated Canadian industries
• Advanced degree in Information Security, Risk Management, Business Administration or related field
• Experience with enterprise GRC (Governance, Risk and Compliance) platforms and advanced analytics tools

Bilingualism (French, English, both oral and written) is required as the position includes managing French and English‑speaking staff (Quebec and outside Quebec) and providing daily support to the team.

• Great Place to Work® Certified for Most Trusted Executive Team in Canada – 2025, 2024 and 2023
• Great Place to Work® Certified for Best Workplaces in Canada - 2025
• Canada Order of Excellence for Mental Health at Work® certification from Excellence Canada. Sun Life is one of only four companies in Canada to ever receive this certification – 2024
• Top Work Places® for Remote Work – Monster Canada - 2024
• Great Place to Work® Certified for Best Workplaces in Canada – 2024 and 2022
• Great Place to Work® Certified for Best Workplaces for Women in Canada - 2024
• Flexible hybrid work model. #LI-Hybrid
• Pension, stock and savings programs to help build and enhance your future financial security
• Work and professional development that is united by our Purpose: to help Clients and Employees achieve lifetime financial security and live healthier lives
• A friendly, collaborative and inclusive culture
• Be part of our continuous improvement journey in developing the next greatest digital enterprise experience.
• Competitive salary and bonus structure influenced by market range data
• The opportunity to move along a variety of career paths with amazing networking potential

The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.

Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our Clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.

Persons with disabilities who need accommodation in the application process, or those needing job postings in an alternative format, may e‑mail a request to thebrightside@sunlife.com.

We are proud to be a hybrid organization that offers our employees the choice and flexibility to work from both the office and virtually based on the needs of the business, our Clients and you! Several work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.

We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

125,000/125 000 - 195,000/195 000

IT - Technology Services

04/01/2026