We are proud to announce that Canada Life will become our company brand under which our three companies service Great West Life, London Life, and Canada Life.
Together, Great-West Life, London Life and Canada Life have been in the business of keeping promises for over a century.
The new Canada Life brand combines the strengths of all three so we can better deliver on our purpose : To improve the financial, physical and mental well-being of Canadians.
We are excited about this journey. To find out more about our story, click here
The Senior Risk and Compliance Analyst is part of the Technology, Risk and Compliance organization and is responsible for providing first line of defense IT risk and compliance management services for Canada Life.
He / she will partner with various stakeholders across the organization to help identify and manage risk and compliance requirements to support enabling the business to meet the evolving needs of our customers and expectations of our regulators.
What You’ll Do :
Lead and coordinate efforts within the Canadian technology organization to identify and manage risks in accordance with the organization’s operational risk management framework and related policies and standards, leveraging various operational risk management tools.
These tools may include risk and control assessments, initiative risk and control assessments, scenario analysis, loss event reporting, and key risk indicators.
Work with second line of defense and other corporate functions to determine a plan and approach to implement operational risk management tools as required
Ensure standards are followed and risk mitigations are in place and monitored related to operational risks and security standards.
Employ a system of internal controls to mitigate identified risk and satisfy compliance and external requirements. This includes leading and coordinating control testing efforts.
Provide advice, consultation, facilitation and reporting to technology and business leaders on their IT risk management and monitoring activities.
Ensure the identification, analysis and timely reporting of inherent and residual operational risk and the escalation of all significant operational risk events and matters to relevant second or third level of defense groups and corporate functions.
Track and report on the status of action plans relating to operational risk, regulatory, and Internal Audit issues.
Identify and recommend changes related to technology policies, standards and measurements for external compliance, risk management, security requirements, internal controls management, policy management, process management and internal audit to the Global Risk and Security teams, based on regional legislative, industry, contractual, or other considerations.
Ensure staff are aware of the policies, procedures, and controls related to risk and compliance management and any related changes.
Who you are :
5+ years of experience as an information technology practitioner, or in another related I.S. function, with relevant risk and compliance analysis experience.
Undergraduate university degree or equivalent experience.
Firm knowledge and practical experience with IS Methodologies, processes and practices.
Ability to challenge senior leaders on key risk, compliance, standards and policies.
Innovative thinker, with ability to recommend and allow unique tools based on technology risk appetite for clients.
Highly adaptable and comfortable working in, and through, ambiguity and change.
Strong written and verbal communication skills including the ability to communicate effectively to a non-technical audience.
Self-motivated team player who can work both independently and collaboratively.
Ability to foster collaborative relationships across functions and facilitate cooperation towards key outcomes for regulators.
Demonstrated critical thinking and analytical skills encompassing an organization-wide perspective, with attention to detail.
Experience handling multiple competing tasks and priorities while delivering high-quality outcomes.
Understanding of Internal Audit practices and processes.
Customer-focused and results-oriented.
What will make you stand out :
Experience with COBIT, NIST, ISO Standards.
Certified Risk and Information Systems Control (CRISC) or Certified Information Systems Auditor (CISA) designations.
Compliance, operational risk, and / or information security experience working in complex, shared environments.
Demonstrated understanding for the complex and ever-changing regulatory environment and the need to be ahead of regulations.
Experience working with an agile approach to delivery.
Experience leading and accepting organizational change.