Senior Analyst, Technology Risk

Are you looking to join a dynamic pension plan that embodies the strong values of its 500,000 members and is an industry leading global investor? If so, we would love to tell you our story.

At OMERS we put our people first and are proud to embrace the diversity of thought and leadership that comes from having locations in Toronto, London, New York, Singapore, Sydney and other major cities across North America and Europe. Our culture is truly one of a kind. We get stuff done, and have fun doing it We take great pride in contributing to the communities where we live with an ever-constant eye to the global investment markets.

Position Scope:

Reporting to the Manager of Technology Risk, the Analyst, Technology Risk will assess, prioritize, and mitigate Technology risks with controls that will protect OMERS assets and information enterprise-wide. This will be accomplished by collaborating with Technology information/process owners to align proposed risk mitigations to their defined Business Unit risk appetite; ensure timely remediation of audit/risk points and responses to compliance requests.

As a member of this team, you will be responsible for:

Support Technology Risk analysis and Risk management processes, day-to-day management of Internal Risk Register documentation and reporting

Ensuring project and portfolio alignment with security controls, enterprise data guidelines and security incident management processes as an advocate and enabler

Ensure standards are followed and risk mitigations are in place and monitored related to Technology risks, security standards and audit control findings

Create and prepare risk dashboards and risk-related presentations for senior management review

Provide advice, consultation, facilitation and reporting to Technology leaders on their Risk management and monitoring activities

Ensure the identification, analysis and timely reporting of inherent and residual Technology Risk

Track and report on the status of action plans relating to Technology risk and Internal Audit issues

To succeed in this role, you:

Education:

Bachelor's Degree in a technology related field or business administration, or related field augmented by industry related training programs and supported by work experience.

Experience:

Possess 4-6 years' experience in assessing risks, processes and controls

Strong knowledge and experience with COBIT 5.

Working towards or certified in CISA, CISM or CRISC certification

Strong working knowledge of ServiceNow GRC

Understanding of IT and security risks, processes, and controls and ability to converse at a technical level.

Excellent communication, interpersonal and project management skills: Demonstrate ability to plan, schedule, and coordinate work, and able to maintain high levels of confidentiality and professionalism as well as have strong organizational, communicative and interpersonal skills. Communicate with a diverse group of stakeholders at all organization levels.

Proven ability to lead teams and work cross-functionally.

Self-starter with proven track record of execution and results.

Great business judgment, ability to influence others and strong analytical thinking

Ability to prepare presentations, status reports, process narratives and work flow diagrams.

Familiar with IT security principles/frameworks such as NIST CSF, Cloud Controls Matrix, CIS CSC, ITIL, ISO 27001

Expertise in Word, Excel, PowerPoint, Visio and SharePoint.

Experience with Power BI report writing

We believe that time together in the office is important for OMERS and Oxford, the strength of our employees, and the work we do for our pension members. In delivering on our pension promise, keeping us connected to our work and each other,our flexible hybrid work guideline requires teams to come in to the office 3 days per week.

Why join us?

Are you looking to join a dynamic pension plan that embodies the strong values of its 500,000 members and is an industry leading global investor? If so, we would love to tell you our story.

At OMERS we put our people first and are proud to embrace the diversity of thought and leadership that comes from having locations in Toronto, London, New York, Singapore, Sydney and other major cities across North America and Europe. Our culture is truly one of a kind. We get stuff done, and have fun doing it We take great pride in contributing to the communities where we live with an ever-constant eye to the global investment markets.

Position Scope:

Reporting to the Manager of Technology Risk, the Analyst, Technology Risk will assess, prioritize, and mitigate Technology risks with controls that will protect OMERS assets and information enterprise-wide. This will be accomplished by collaborating with Technology information/process owners to align proposed risk mitigations to their defined Business Unit risk appetite; ensure timely remediation of audit/risk points and responses to compliance requests.

As a member of this team, you will be responsible for:

• Support Technology Risk analysis and Risk management processes, day-to-day management of Internal Risk Register documentation and reporting

• Ensuring project and portfolio alignment with security controls, enterprise data guidelines and security incident management processes as an advocate and enabler

• Ensure standards are followed and risk mitigations are in place and monitored related to Technology risks, security standards and audit control findings

• Create and prepare risk dashboards and risk-related presentations for senior management review

• Provide advice, consultation, facilitation and reporting to Technology leaders on their Risk management and monitoring activities

• Ensure the identification, analysis and timely reporting of inherent and residual Technology Risk

• Track and report on the status of action plans relating to Technology risk and Internal Audit issues

To succeed in this role, you:

Education:

• Bachelor's Degree in a technology related field or business administration, or related field augmented by industry related training programs and supported by work experience.

Experience:

• Possess 4-6 years' experience in assessing risks, processes and controls

• Strong knowledge and experience with COBIT 5.

• Working towards or certified in CISA, CISM or CRISC certification

• Strong working knowledge of ServiceNow GRC

• Understanding of IT and security risks, processes, and controls and ability to converse at a technical level.

• Excellent communication, interpersonal and project management skills: Demonstrate ability to plan, schedule, and coordinate work, and able to maintain high levels of confidentiality and professionalism as well as have strong organizational, communicative and interpersonal skills. Communicate with a diverse group of stakeholders at all organization levels.

• Proven ability to lead teams and work cross-functionally.

• Self-starter with proven track record of execution and results.

• Great business judgment, ability to influence others and strong analytical thinking

• Ability to prepare presentations, status reports, process narratives and work flow diagrams.

• Familiar with IT security principles/frameworks such as NIST CSF, Cloud Controls Matrix, CIS CSC, ITIL, ISO 27001

• Expertise in Word, Excel, PowerPoint, Visio and SharePoint.

• Experience with Power BI report writing

We believe that time together in the office is important for OMERS and Oxford, the strength of our employees, and the work we do for our pension members. In delivering on our pension promise, keeping us connected to our work and each other,our flexible hybrid work guideline requires teams to come in to the office 3 days per week.

Founded in 1962, OMERS is one of Canada’s largest defined benefit pension plans, with $128.6 CAD billion in net assets as of December 31, 2023. OMERS is a jointly-sponsored pension plan, with more than 1,000 participating employers ranging from large cities to local agencies, and over half a million active, deferred and retired members. OMERS members include union and non-union employees of municipalities, school boards, local boards, transit systems, electrical utilities, emergency services and children’s aid societies across Ontario. Contributions to the Plan are funded equally by members and employers. OMERS teams work in Toronto, London, New York, Amsterdam, Luxembourg, Singapore, Sydney and other major cities across North America and Europe – serving members and employers and originating and managing a diversified portfolio of high-quality investments in public markets, private equity, infrastructure and real estate.

OMERS is committed to having a workforce that reflects the communities in which we live and work. We are an equal opportunity employer committed to a barrier-free recruitment and selection process. At OMERS inclusion and diversity means belonging. How we create a sense of belonging is through our employees and our vast network of Employee Resource Groups. Whether you are passionate about gender, pride, or visible minorities, we have groups that are focused on making a difference in all of our lives.

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.