Senior Manager, Information Systems Audit

Location: Toronto, ON, CA

Hydro One is proud to be the largest electricity transmission and distribution provider in Ontario, serving nearly 1.5 million customers. We have a long history in the industry with our roots dating back over 110 years to 1906. Since then, we have worked to grow and evolve to meet the changing needs of our customers and communities across Ontario. Today, we’re focused on providing exceptional customer service and ensuring we are building safe communities where we live, work and play.

It’s an exciting time to join the team at Hydro One!

We are seeking a skilled, motivated and engaged IT Auditor to join our Internal Audit Team. As a group we foster a collaborative, positive work environment where each team member’s contribution is valued, and ongoing professional development is encouraged and supported. Our primary focus is on internal controls related to areas of Information Technology, Operational Technology, Technology Project Delivery, Cybersecurity and Physical Security risks.

Report to the Director, IT Audit. Support Hydro One’s Internal Audit function through the planning, execution and reporting on assigned assurance and advisory engagements.

• Establish and maintain effective, collaborative working relationships with colleagues and internal client stakeholders.
• Perform Internal Audit engagements in accordance with Internal Audit’s methodology.
• Collaborate with cross‑functional teams to develop comprehensive audit plans.
• Conduct risk and controls assessments.
• Prepare engagement Terms of Reference, identifying business objective, scope, schedule, resourcing and budget.
• Identify and document sufficient, reliable, relevant and useful information to achieve the engagement objectives.
• Prepare and organize engagement work papers in a way that supports engagement results and conclusions.
• Formulate and clearly document engagement results and recommendations.
• Prepare well‑written, succinct engagement reports and effectively communicate results to internal engagement clients and stakeholders.
• Collaboratively work with engagement clients throughout the engagement lifecycle to obtain management’s concurrence on results and, where appropriate, obtain action plans to address areas of residual risk and improvement.
• Keep abreast of corporate policies, procedures, legal, regulatory requirements, and industry developments in the areas relating to the work.
• Participate and contribute to Internal Audit’s risk‑based audit planning exercises and annual audit plan development.
• Assist in the continual improvement of Internal Audit standards and practices.

Essential Knowledge, Experience and Qualifications

• Requires a bachelor degree in Computer Science, Software Engineering, Information Management, Business Management, or an equivalent combination of experience and/or education.
• Professional designation such as CISA, CISM, CRISC, CISSP, CIPP, PMP and/or CIA is an asset.
• Strong knowledge of Technology Project Delivery and project management techniques, and has provided assurance and advisory services to large transformational projects.
• Strong working knowledge of one or more of the following frameworks: NIST cybersecurity framework, Sarbanes‑Oxley 404 compliance, COBIT, ITIL, NERC CIP and associated regulatory frameworks.
• Broad experience with performing assurance work (audits/reviews), advisory services (consulting), business risk assessments, root cause analysis, and investigations is an asset.
• Project management skills to ensure timely execution of engagement work.
• Proficiency in business writing for the preparation of reports and presentations.
• Effective presentation skills, appropriate for senior management levels.
• Ability to work independently or in small teams, as assigned.
• Requires the following competencies: manages complexity; copes with ambiguity; action‑oriented and resourceful; plans, prioritizes and optimizes work; effective communication, both oral and written; and situational adaptability.
• A minimum period of 5+ years is considered necessary to gain this experience.

Ideal Knowledge, Experience and Qualifications

• Experience performing physical security audits on IT and non‑IT sites.
• Experience performing privacy engagements.
• Working knowledge and/or project experience with SAP ECC or S4 implementations and other enterprise systems.
• An understanding of the electrical utility industry and regulated organizations.
• Understanding of a utilities business model, organizational structure and electricity sector stakeholders.

Hydro One will provide reasonable accommodation for qualified individuals with disabilities in the job application process.

Deadline: November 24, 2025

Hydro One and its partners/affiliates may use AI to screen, assess or select applicants for the position.