job details
As the Director of ERM Cyber Risk, you will report directly to the VP and take the reins of a maturing cyber risk practice. This is a highly autonomous, entrepreneurial role where you will build upon the existing risk registers and control libraries to drive true program automation. Leading a specialized function within the risk department, you will have a massive impact on the organization while gaining exposure to broader enterprise risk domains.
Success Milestones (Your First Year)
By Month 3: Fully map out and develop our technology environment controls.
By Month 6: Successfully identify and stabilize any existing control gaps.
By Month 12: Fully roll out the matured program, achieve meaningful automation, and run the function autonomously with strong, trusted IT relationships.
Advantages
You will have the agility, visibility, and lack of red tape found in a 250-person organization, backed by highly competitive executive compensation, strong equity upside, and a collaborative executive leadership team.
Responsibilities
(Key Responsibilities)
Drive Implementation: Take ownership of technology key risk indicators (KRIs), business continuity, disaster recovery, and operational resilience programs from inception to completion.
Bridge the Gap: Act as a critical 2nd-line partner to our 1st-line technology and architecture teams. Speak their language fluently to navigate, influence, and challenge technical decisions constructively.
Framework & Policy Leadership: Manage and mature our tech and policy frameworks, build robust risk metrics, and provide proactive thought leadership on emerging threat vectors and AI risk management.
Enable the Business: Shift the perception of risk from a compliance roadblock to a collaborative business enabler, explaining the "why" behind risk processes without relying solely on mandates.
Qualifications
(Requirements)
Financial Services Expertise: Deep, practical experience navigating regulatory requirements within banking, lending, or insurance environments, specifically the OSFI framework.
Dual-Perspective Experience: A proven track record working across both 1st-line (technology/infrastructure) and 2nd-line (risk/compliance) functions is highly desirable.
Execution over Certifications: While certifications (like CISA, CRISC, or CISM) are great, we highly prioritize a tangible track record of hands-on framework implementation and program rollouts over theoretical knowledge.
Influencing Power: A strong, collaborative personality capable of building relationships and guiding an opinionated, highly skilled technology department.
Autonomy & Drive: A self-starter mindset. You thrive in environments that grant you the autonomy to build without being micromanaged.
NOTE: We are primarily targeting Director-level professionals, but high-performing Managers or Senior Managers with exceptional operational experience and a readiness to step up are encouraged to apply.
Summary
Please apply today for immediate consideration and a member of our team will be in touch!
This posting is for existing and upcoming vacancies.