Manager, Technology Risk and Controls

Permanent Full Time 

-

The Manager, Technology Risk and Controls is a hands‑on technical manager that supports the engineering, automation, and operationalisation of Technology and Cyber Risk controls and compliance across the enterprise. The role has a strong emphasis on enabling Automated Technology Controls & Testing (ATCTM), Policy‑as‑Code / Compliance‑as‑Code, and GRC platform integration, enabling continuous assurance, audit readiness, and scalable compliance.

This role contributes deep subject‑matter expertise to help translate risk, compliance, and assurance requirements into automated, machine‑readable, and defendable controls, supporting continuous monitoring, audit readiness, and scalable compliance.

What you will do: 

Technology Risk & Controls Engineering

• Manage the design and implementation of automated technology risk and control frameworks aligned to regulatory, audit, and enterprise risk expectations.
• Translate IT and cyber risk requirements into preventive, detective, and corrective control logic.
• Oversee the implementation of continuous controls monitoring (CCM) and automated testing capabilities.

ATCTM (Automated Technology Controls & Testing)

• Manage execution of ATCTM use cases, reducing reliance on manual and sample‑based testing.
• Define control test logic, success criteria, thresholds, and exceptions.
• Ensure controls are repeatable, scalable, and audit‑defensible.

Policy‑as‑Code / Compliance‑as‑Code

• Convert policies and operating standards into machine‑enforceable rules.
• Enable compliance checks within CI/CD pipelines, infrastructure configuration, and security tooling.
• Maintain end‑to‑end traceability from policy → control → automated test → evidence.

GRC Platforms & Integration

• Optimize configuration of ServiceNow IRM based on end-to-end technology risk management process.
• Lead integration of GRC platforms with ATCTM tool.
• Ensure data quality, control consistency, and reporting accuracy across systems.

Assurance, Audit & Stakeholder Engagement

• Support internal and external audits by providing automated, timely, and defensible evidence.
• Act as a key technical point of contact for audit, risk, and regulatory stakeholders.
• Drive control remediation and continuous improvement initiatives.

What you will bring:

• Progressive experience in technology risk management for at least 3 years, primarily on automated controls testing and GRC engineering
• CISA, CRISC or other relevant designation (i.e., CISM) is a strong asset
• Advanced knowledge of relevant regulatory requirements and standards, including COBIT, ISO 27001/ 27017, SOC 2, SWIFT and other IT frameworks
• Experience in project management
• Experience with coaching and leading a team
  
  

Functional / Technical

• Technology Risk & Controls Management
• ATCTM & Continuous Assurance
• GRC Platforms (ServiceNow IRM)
• Policy‑as‑Code / Compliance‑as‑Code
• Cyber & IT Control Domains
  
  

Behavioural

• Results Orientation – Delivers measurable reductions in manual testing and audit effort
• Analytical Thinking – Engineers practical solutions to complex risk problems
• Accountability – Owns outcomes and control effectiveness end‑to‑end
• Collaboration & Influence – Partners effectively across Technology, Security, Risk, and Audit
  
  

Change Leadership – Drives adoption of modern, automated assurance practices

-

The base salary for this position is between $95,000.00 - $135,000.00 annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

Grow with Canada Life 

We’re united by a shared purpose: to improve the financial, physical and mental well-being of Canadians. Our company is trusted by 1 in 3 Canadians and contributes to the strength of communities across the country.  

We’re looking for people who live our values everyday: we step up, we do the right thing, and we deliver – for our customers, communities and each other. Are you someone who always strives to do the right thing, who steps up for themselves and others, and who delivers with impact? Then we want to hear from you! 

What we offer:  

We’re committed to supporting our employees through every stage of their career. Here’s what you can expect as a full-time or part-time permanent team member: 

• Career Development: Opportunities for career advancement, access to industry-leading learning programs and up to $2,000 annually towards education reimbursement. 

• Health & Wellness: Flexible health and dental benefits, plus a $5,000 mental health benefit to support your well-being. 

• Time Off: In addition to regular vacation and personal days, we support community involvement with a volunteer day.  

• Financial Security: Company-matching pension plan, share ownership program and additional investment options. 

• Rewards and Recognition: Employee recognition programs, service milestone celebrations, employee discounts and more!  
• Emphasis on Community: We provide a workplace where employees feel connected and supported through Employee Resource Groups (ERGs), mentorship programs, social clubs and events.  

Learn more about Canada Life.  

We’re committed to removing barriers and ensuring equal access to employment. Applicants requiring reasonable accommodation during the application process may contact  talentacquisitioncanada@canadalife.com. All information provided will be handled in accordance with applicable laws and Canada Life policies.  

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted. 

#LI-Hybrid