Partner, Risk Services

Imagine being part of a team where human connection underlies everything we do – a place where great people come together to help our clients, colleagues and communities thrive. That’s Doane Grant Thornton. Or, as we like to say, living our purple. We’re a large and growing professional services firm that still feels like a community. That’s most important to us. We employ about 3000 people across Canada, building a thriving organization that’s purpose‑driven.

Doane Grant Thornton holds a strong commitment to our values of collaboration, leadership, excellence, agility, respect, and responsibility.

We have an exciting career opportunity for an experienced Partner, Risk Services to contribute to the leadership, growth, and development of our Governance Risk and Compliance (GRC) practice in Ontario. You will help shape client experience, drive business development, and lead, coach and mentor teams, working closely with the Assurance Practice across Ontario, and collaborating with Risk Services Partners nationally. We work as a team and go to market as one team in a culture where colleagues have your back, and where you will be appreciated, valued, and inspired.

Step into a high‑growth business unit where your expertise in internal controls and risk management delivers personalized assurance, advisory, compliance and consulting solutions designed to reflect the client's unique needs, whether Canadian Corporations, Public and Privately‑Held Business.

In this role you will help organizations navigate through the complexities of:

• Information Technology Assurance
• 3rd Party Service Provider Assurance – SOC 1 & SOC 2, CSAE 3416/3000
• Governance
• Risk Management
• Internal Audit
• Internal Controls over Financial Reporting (ICFR) – SOX / NI 52‑109

As a Partner, Risk Services, our accountabilities include:

Championing the growth, development, and management of the Risk Services practice in Toronto that complements, and is supported by, the firm’s overall strategy for growth.

Mentor and coach managers and senior associates: oversee work plans; provide timely feedback; and invest in professional growth.

Business development: Collaborate with senior leadership, partners, and marketing to target and build relationships with prospects, and cross‑sell across with other Doane Grant Thornton service lines to deliver integrated solutions that maximize clients’ business value and operational goals.

Client engagement: Build trusted relationships with client executives by understanding their industries, challenges, and business objectives, while managing diverse local, national, and international risk‑based engagements focused on IT Assurance and Advisory Services including:

• Controls placed in operation at service organizations based on various reporting standards (e.g., SOC 1 (SSAE 18 / CSAE 3416), SOC 2, CSAE 3000).
• Internal audit projects that focus on IT controls, cybersecurity, privacy, business continuity, disaster recovery and data analytics.
• Procedures to evaluate the design and test the operating effectiveness of Information Technology General Controls (ITGCs) as part of financial statement audits as well as CEO / CFO certification (i.e., SOX / NI 52‑109).
• Ensure technical excellence and regulatory compliance across SOC, ICFR, and technology risk mandates.

Quality Leadership: Serve as Engagement Partner and provide second‑level quality review on engagements when needed.

This position is for an individual proficient in IT Assurance and Advisory services with the opportunity to also work with our Governance, Risk and Compliance clients; as well as be part of a team that is a CPA pre‑approved training office.

• Post‑secondary degree in business management, commerce, accounting, information technology, or related field.
• Professional designations are an asset: CPA, CISA, CISSP, CIA, CRMA.

• 10+ years of advisory and assurance experience conducting audits and risk‑based assessments (financial, operational, internal audit, and IT).
• Hands‑on Technology Risk Management expertise (ITGCs; cybersecurity; privacy; BC/DR; data analytics).
• Practical experience delivering SOC 1 (SSAE 18/CSAE 3416) and SOC 2 (CSAE 3000) engagements end‑to‑end (readiness, controls design, testing, reporting).
• Experience with complex platforms (example: Oracle, SAP, Microsoft Dynamics 365) and modern cloud/control frameworks.
• Proven ability to build networks and business development, supporting growth of the Risk Services practice.
• Demonstrated leadership and team development skills, with a strong commitment to actively contribute to the professional growth for yourself and those you lead.
• Strong project management leadership: scoping, resourcing, delivery governance, financial management, risk and issue resolution, with well‑developed analytical skills and unstructured problem‑solving skills.
• Excellent communication (written and verbal), executive presence, and attention to detail; ability to influence decision‑makers and rally cross‑functional resources and work together to meet the needs of stakeholders. Ability to travel across the Greater Toronto Area and other locations, as needed.

We look forward to your application.