Senior Manager, IT Risk & Governance Oversight (CTC) @ Questrade Financial Group

Questrade Financial Group (QFG), through its companies - Questrade, Inc., Questrade Wealth Management Inc., Community Trust Company, ThinkInsure, Zolo, and Flexiti, provides securities and foreign currency investment, professionally managed investment portfolios, mortgages, insurance, real estate services, financial services, and more. Questrade uses cutting-edge technologies to develop innovative products that give customers better, more affordable ways to take control of their money.

We are a forward-thinking financial institution, constantly innovating in fintech. At QFG, you will join a collaborative team that values our mission and each other. We promote continuous growth in a diverse, inclusive, hybrid work environment, encouraging creativity and curiosity.

What’s in it for you?

• Health & wellbeing programs
• Paid vacation, personal, and sick days
• Competitive compensation and benefits
• Hybrid work environment with at least 3 days in office
• Career development opportunities
• Community involvement
• Diverse, inclusive team environment

We are seeking our next Senior Manager, IT Risk & Governance Oversight. Could it be you?

Reporting to the Director, Operational Risk & Resilience, this role oversees the Technology risk management and governance framework. Technology services at Community Trust Company (“CTC”) are outsourced, but risk oversight remains within CTC.

This role involves providing oversight and challenge to outsourced technology functions, monitoring risk exposure, and ensuring controls are effective. You will be a subject matter expert on Technology risks, collaborating with various governance teams, and ensuring the confidentiality, integrity, and availability of information assets.

Responsibilities include designing and overseeing technology risk assessments, control testing, and validation of IT and cybersecurity controls. Strong technical expertise is essential for evaluating risk management practices, analyzing performance metrics, and reporting to management and regulators.

Key duties:

• Challenging and overseeing IT & Cyber risk management practices
• Maintaining expertise on regulatory requirements and industry best practices
• Reviewing and validating IT and cybersecurity controls
• Managing risks of outsourced technology functions
• Monitoring risk indicators and reporting on risk exposure
• Collaborating with audit, compliance, and risk teams
• Evaluating new initiatives and changes for risk impact
• Developing and maintaining risk management frameworks
• Reviewing cybersecurity testing results
• Supporting IT business continuity and disaster recovery planning
• Providing risk guidance during security incidents
• Delivering risk awareness training
• Preparing risk reports for senior management and regulators
• Ensuring compliance with laws and regulations

Qualifications:

• 7-10 years in Technology Risk Management, Governance, or IT Audit in financial services
• Degree in Computer Science, MIS, or related field or equivalent experience
• Certifications like CISA, CRISC, CGEIT, CISM (or working towards)
• Knowledge of industry standards (COBIT, ITIL, NIST CSF)
• Leadership experience in Service Quality Assurance
• Experience with risk and control frameworks, KPIs, KRIs
• Strong communication skills for technical and non-technical audiences
• Proficiency in writing procedures and building governance solutions
• Experience in Business Continuity and Disaster Recovery
• Ability to produce reports for senior management
• Proficiency with Microsoft Office, Google Suite, Power BI, etc.

If you are interested, click below to apply! #LI-NP1 #LI-Hybrid

We promote a diverse, inclusive, accessible workplace where all individuals are valued and supported. Our team reflects the communities we serve, fostering innovation and growth in fintech.

Note: Our applicant tracking system uses AI for screening, with final decisions reviewed by humans. Candidates will be contacted for interviews, and accommodations are available upon request.