OMERS Administration Corporation

Manager, Technology Risk & Controls

OMERS Administration Corporation$103K — $157K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Degree in Business, Technology, Risk Management, Cybersecurity, or related field with 5-7 years of relevant experience.
  • Strong knowledge of technology risk management, cybersecurity principles, and IT General Controls (ITGCs).
  • Proven leadership experience in professional services or Big 4 environments.
  • Excellent analytical, communication, and stakeholder management skills.
  • Experience leveraging automation and AI in risk management.
  • Highly organized and proactive with strong proficiency in Excel, PowerPoint, and Word.

Responsibilities

  • Lead the development and enhancement of the Operational Technology Cybersecurity Framework.
  • Oversee risk identification, assessment, and mitigation processes.
  • Ensure effective design and operation of cybersecurity controls and ITGCs.
  • Drive remediation for audit findings and control deficiencies.
  • Maintain the Technology Risk Register aligned with enterprise standards.
  • Deliver executive-level reporting and insights on technology risk.
  • Lead cybersecurity awareness initiatives and monitor regulatory trends.

Benefits

  • Group benefits and retirement plans eligibility.
  • Annual incentives based on Short-term and Long-term Incentive plans.
  • Opportunity to develop a high-performing team in a collaborative environment.
Full Job Description

The Manager, Technology Risk & Controls leads the Technology Risk and Cybersecurity Assurance function within Internal Controls at Oxford. Reporting to the Senior Manager, Internal Controls, this role is accountable for establishing and operating the technology risk and cybersecurity assurance framework across the organization.

Operating in a dynamic environment, the Manager leads a team of Senior Analysts and is responsible for navigating ambiguity, building structure, and driving outcomes. The role partners with Technology, Operations, and business leadership to embed a strong control environment and enable risk-informed decision-making.

As a trusted advisor, the Manager is accountable for identifying, assessing, and mitigating technology risks across systems, infrastructure, OT, and third-party services, including oversight of IT General Controls (ITGCs) supporting financial and operational reporting.

You will be responsible for:

Technology Risk & Cybersecurity Assurance

  • Lead the development, implementation, and continuous enhancement of the Operational Technology Cybersecurity Framework, including maturity assessments across assets, systems, and applications

  • Oversee technology risk identification, assessment, and mitigation

  • Ensure appropriate cybersecurity controls and ITGCs are designed and operating effectively across internal teams and managed service providers

  • Drive timely remediation of risks, audit findings, and control deficiencies

Risk Management and Reporting

  • Own and maintain the Technology Risk Register aligned with enterprise risk standards

  • Define and monitor KRIs to assess risk exposure and control effectiveness

  • Perform thematic analysis to identify emerging risks, trends, and systemic control gaps across the technology landscape

  • Deliver executive-level technology risk reporting and insights to senior leadership and Operational Risk

  • Support Business Impact Analysis (BIA) and Business Continuity Planning (BCP) activities

Governance, Policies and Frameworks

  • Develop and continuously improve technology risk policies, standards, and procedures

  • Ensure alignment with enterprise frameworks and leading practices (NIST, ISO, COBIT, CIS)

  • Embed risk management into technology operations, projects, and delivery processes

Stakeholder Management, Advisory, and Assurance

  • Serve as a trusted advisor to Technology, Operations, and business leaders, providing risk-based guidance and fostering a strong risk-aware culture.

  • Lead internal and external technology risk, cybersecurity, and ITGC audits, including stakeholder coordination, assurance requests, response management, and deliverable quality review.

  • Drive accountability for the timely remediation of audit findings, control deficiencies, and key technology risks.

  • Represent Service Assurance in governance forums, steering committees, and cross-functional initiatives, influencing risk-informed decision-making aligned with business objectives.

  • Conduct targeted reviews of systems, processes, and controls to assess risk exposure, control effectiveness, and improvement opportunities.

Training, Awareness and Continuous Improvement

  • Lead cybersecurity and technology risk awareness initiatives, developing guidance and training to strengthen risk management and control practices.

  • Monitor regulatory developments and industry trends, ensuring frameworks, processes, and tools remain aligned with leading practices.

  • Drive continuous improvement by enhancing risk management capabilities, promoting proactive risk identification, and fostering a strong risk-aware culture.

Leadership and People Management

  • Lead, mentor, and develop a high-performing team, fostering a collaborative, accountable culture while building capability in technology risk, cybersecurity, and assurance.

  • Set clear expectations, manage priorities, and provide direction in complex or ambiguous situations to ensure the timely delivery of high-quality outcomes.

Required Skills & Experience

  • Degree in Business, Technology, Risk Management, Cybersecurity, or a related field, with 5–7 years of experience in technology risk, cybersecurity, internal controls, audit, or regulatory compliance.

  • Strong knowledge of technology risk management, cybersecurity principles, IT General Controls (ITGCs), and industry frameworks including NIST, ISO, COBIT, and CIS.

  • Proven experience leading teams, driving accountability, supporting internal and external audits, and operating effectively in professional services or Big 4 environments.

  • Excellent analytical, communication, and stakeholder management skills, with the ability to identify risks and control gaps, influence decision-making, and translate complex issues into actionable insights.

  • Experience leveraging automation and AI to enhance risk management and assurance processes.

  • Highly organized, proactive, and adaptable, with the ability to manage multiple priorities in a fast-paced environment and advanced proficiency in Excel, PowerPoint, and Word.

Preferred Skills & Experience

  • Relevant certifications preferred (CISA, CRISC, CISSP, CISM)

  • Experience with Resolver or similar GRC platforms strongly preferred

We believe that time together in the office is important for OMERS and Oxford, the strength of our employees, and the work we do for our pension members. Our hybrid work guideline requires teams to come to the office a minimum of 4 days per week.

This posting is for an existing vacancy.

The expected salary range for this position is $103,000.00 - $157,000.00 per year.

You may also be eligible to receive an annual Incentive Award pursuant to our Short-term Incentive plan and our Long-Term Incentive plan (if applicable), and to participate in our group benefits and retirement plans – details on these elements of compensation are included within OMERS & Oxford offer letters.

About OMERS Administration Corporation

OMERS Administration Corporation is a Canadian pension fund that manages investments for the Ontario Municipal Employees Retirement System (OMERS). OMERS is one of Canada's largest pension funds, with over 500,000 members and over CAD 100 billion in net assets. OMERS Administration Corporation manages a diversified portfolio of investments across various asset classes, including public equity, private equity, infrastructure, real estate, and fixed income. The company's mission is to provide secure and sustainable pensions to its members while generating returns that help fund their pensions. OMERS Administration Corporation is headquartered in Toronto, Canada.
Learn more about OMERS Administration Corporation
Size
2,700 employees
Industry

Similar Jobs

More Jobs at OMERS Administration Corporation

More Information Technology Jobs

Find similar Manager, Technology Risk & Controls jobs: