Manager, Technology & Data, Assurance and Advisory (A&A)

• Full-time

Make an impact at a global and dynamic investment organization

When you join CPP Investments, you are joining one of the world’s most admired and respected institutional investors. As a professional investment management organization, CPP Investments invests the funds of the Canada Pension Plan (CPP) to help ensure its financial sustainability for generations of working and retired Canadians.

CPP Investments invests across regions and asset classes to build a globally diversified portfolio. It holds assets in public equity, private equity, real estate, infrastructure, and fixed income, and the CPP Fund is projected to reach $3.6 trillion in assets by 2050. The organization is headquartered in Toronto with offices in Hong Kong, London, Mumbai, New York City, San Francisco, São Paulo, and Sydney.

CPP Investments successfully attracts, selects, and retains talented individuals from top-tier institutions worldwide. Join our team for access to:

• Stimulating work in a fast-paced and intellectually challenging environment
• Accelerated exposure and responsibility
• Diverse and inspiring colleagues and approachable leaders
• A hybrid-flexible work environment with an emphasis on in-person collaboration
• A culture rooted in principles of integrity, partnership, and high performance
• An organization with an important social purpose that positively impacts lives

If you have a passion for performance, value a collegial and collaborative culture, and approach work with the highest integrity, invest your career here.

Our Assurance & Advisory (A&A) team plays a critical role in evaluating and enhancing CPP Investments' technology risk management, IT governance, cybersecurity, and data governance frameworks. We are seeking a Manager, Technology & Data, A&A to lead and execute high-impact technology audits and advisory engagements.

This role requires 7+ years of experience in IT auditing, technology risk management, or cybersecurity, with expertise in IT governance, data analytics, and emerging technology risks.

Role Overview

Reporting to a Director, A&A, the Manager, Technology & Data, A&A, will be responsible for leading and executing technology-focused audits, providing strategic insights on IT risk management, and ensuring compliance with industry standards and best practices. You will work closely with senior leadership, risk management, and compliance teams to enhance CPP Investments' technology governance and cybersecurity posture.

This role will provide execution, guidance, and training to the broader A&A team, ensuring comprehensive coverage of technology risks within the audit universe. All activities will be conducted in strict adherence to the International Standards for the Professional Practice of Internal Auditing, as well as accepted industry practices and other recognized frameworks that exceed the profession’s mandatory requirements.

Key Responsibilities

• Lead and participate in technology audits, evaluating the design and effectiveness of controls related to:

• Technology infrastructure (networks, servers, databases)
• Enterprise applications and systems
• Cybersecurity frameworks and controls
• Cloud services (Azure)
• Identity Access Management (IAM) and data security
• ITGCs, interface, and application controls

• Develop and implement audit approaches and coverage strategies to ensure comprehensive risk assessment
• Provide assurance over key risk management strategies, ensuring alignment with industry best practices
• Provide coaching and guidance to junior auditors to ensure timeliness and quality of deliverables
• Perform continual assessment of emerging risks, suggesting adjustments to audit plans accordingly
• Ensure audit work is conducted in accordance with industry standards (e.g., ISACA, IIA, NIST, ISO 27001, COBIT)
• Document audit findings and recommendations in a clear, concise, and actionable manner for senior leadership

2. Strategic Advisory & Stakeholder Collaboration

• Work closely with Technology & Data leadership, Enterprise Risk, and Compliance teams to align audit activities with business objectives
• Act as a trusted advisor to business units, offering insights on best practices for IT governance, risk, and compliance
• Influence strategic decisions by providing data-driven insights on IT risk management
• Foster strong relationships with business partners and other stakeholders to enhance risk awareness and control effectiveness
• Leverage data analytics and automation to enhance audit efficiency and effectiveness
• Stay updated on emerging technologies, cybersecurity threats, and regulatory changes to ensure audit methodologies remain relevant
• Analyze complex IT systems to identify areas for improvement and recommend effective solutions
• Communicate complex technical risks in a business-friendly manner to senior leadership

Education & Certifications

• Bachelor’s degree in Computer Science, Information Systems, Business, Accounting, or a related field
• Professional certifications (at least one required): CISA, CISSP, CRISC, CISM, CGEIT, CIA
• Knowledge of IT governance frameworks (COBIT, NIST, ISO 27001) is essential

Professional Experience

• 7+ years of experience in IT auditing, internal audit, technology risk management, or cybersecurity assessments
• Strong understanding of IT general controls (ITGCs), application controls, cloud security, and data governance
• Experience with audit methodologies, risk management practices, and regulatory compliance in financial services or investment management
• Proven ability to write succinct audit findings/reports that provide meaningful insights to senior leadership
• Strong organizational/project management skills, with the ability to manage end-to-end audits and meet multiple deadlines
• Critical thinking and attention to detail: ability to identify risks and assess control effectiveness
• Superior communication skills (written and oral) to present concepts, risks, or technical control gaps simply and effectively
• Strong interpersonal skills for effective cross-functional collaboration
• Willingness to embrace change and leverage new technologies to improve audit processes
• Commitment to ethical auditing practices and professional standards

At CPP Investments, we are committed to diversity and equitable access to employment opportunities based on ability.

We thank all applicants for their interest but will only contact candidates selected to advance in the hiring process.

Our Commitment to Inclusion and Diversity:

We are dedicated to building a diverse workforce and fostering an inclusive, accessible environment. If you require accommodations during the recruitment process, please inform us, and we will work to meet your needs.

Disclaimer:

CPP Investments does not accept resumes from employment placement agencies, head-hunters, or recruitment suppliers not in a formal contractual arrangement. Resumes from unauthorized suppliers will be considered unsolicited and will not be reviewed. We will not pay fees for unsolicited resumes.