IT Risk Manager (Operational Resilience)

IT Risk Manager (Operational Resilience)

  • Contract Length: 11 Months
  • Location: Calgary, Alberta

Raise is currently hiring an IT Risk Manager (Operational Resilience) on behalf of our client. They’re expanding their team to meet growing needs, making this a unique opportunity to work with an industry leader. Our Client is a market leading financial institution

Note: The primary pay rate is based on T4 classification; however, we will also consider applications from candidates interested in an INC classification, where applicable.

Description

As the IT Risk Manager, you will partner closely with the Senior Risk Manager to elevate and mature our clients operational resilience framework. You will play a pivotal role in safeguarding our technology landscape by analyzing risk events, managing change risks, validating key controls, and leading our alignment with the OSFI E-21 Operational Risk and Operational Resilience guidelines.

Responsibilities            

  • Operational Resilience & OSFI E-21 Compliance
  • Drive OSFI E-21 Implementation: Provide strategic oversight and expert guidance on mapping critical operations, establishing disruption tolerances, and designing/testing severe but plausible event scenarios.
  • Integrate Risk Programs: Ensure tight alignment of operational resilience and control testing activities with broader enterprise programs, including NIRAP, RCSA, BCP (BIA, BCP, DRP), Third-Party Risk, Cybersecurity, and Regulatory Risk Management.
  • Strategic Governance: Develop robust governance guidelines, operational job aids, and performance dashboards to track program maturity and risk metrics.
  • Risk Event & Change Management
  • Analyze Risk Events: Direct root-cause analysis for operational risk events to implement corrective and preventive actions, minimizing future disruptions.
  • Regulatory Reporting: Evaluate the financial and operational impact of risk events, ensuring accurate reporting of operational losses or near-misses in line with  criteria.
  • IT Change Oversight: Review and authorize major IT changes, verify risk assessments, and approve stakeholder-vetted controls. Oversee post-incident root-cause analysis for failed changes to continuously optimize IT deployment.
  • Control Testing & Governance
  • Execute Control Testing: Plan, execute, and document comprehensive control testing to validate the design, implementation, and operating effectiveness of key IT controls.
  • Remediation & Risk Acceptance: Partner with stakeholders to identify control gaps, draft Management Action Plans (MAPs), monitor deficiency remediation, and facilitate formal risk acceptance when necessary.
  • GRC System Management: Ensure all testing, findings, and remediation plans are meticulously documented within ’s GRC tools.
  • Mentorship: Coach and mentor junior team members, fostering professional growth and shared expertise in IT risk management practices.

Qualifications

  • 5–7 years of progressive experience in IT risk management, IT audit, technology governance, or regulatory compliance within a financial institution or highly regulated environment.
  • Strong working knowledge of risk and governance frameworks (e.g., COBIT, COSO, ISO 31000) and hands-on experience using GRC tools (e.g., ServiceNow GRC, Archer, MetricStream, or equivalent).
  • Regulatory Acumen: Proven experience leading or supporting the implementation of OSFI Guidelines (specifically OSFI E-21, with familiarity in B-10 and B-13 being highly valued).
  • Proficiency in leveraging automation, data analytics, or AI tools to enhance risk monitoring and operational resilience reporting is considered a strong asset.
  • Top Skills for Success
  • Cross-Functional Influence: Exceptional ability to build relationships, build consensus, and confidently present complex risk findings or strategic recommendations to both peers and senior leadership.
  • Analytical Brilliance: A natural problem-solver with the ability to synthesize complex, technical information into clear, actionable insights and risk mitigation strategies.
  • Control Expertise: Demonstrated mastery in designing, executing, and documenting IT control testing and regulatory compliance frameworks.
  • Education and Certifications
  • Bachelor’s degree in Business, Information Systems, Accounting, Risk Management, or a related field.
  • Holding one or more of the following professional designations is highly preferred:
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Internal Auditor (CIA)
  • Certified Risk Management Assurance (CRMA)
  • Certified Information Systems Security Professional (CISSP)

Additional Information

  • A requirement for candidates to be considered for this role will be to complete a criminal and credit check (including Canadian Credit Risk Score) 

Looking for meaningful work? We can help!

Raise is an established hiring firm with over 65 years of experience. We believe strongly in making the world a better place through work, which is why we’re a certified B Corporation and donate 10% of our profits to charity.

We strive to build teams that reflect the diversity of the communities we work in. We encourage all qualified applicants to apply, including people from traditionally underrepresented groups such as women, visible minorities, Indigenous peoples, people identifying as LGBTQ2SI, veterans, and people with visible/nonvisible disabilities.

We have a dedicated webpage for accommodations where you can learn more about what we offer and request accommodation: https://raise.jobs/accommodations/

 

In order to submit candidates for roles, our clients will sometimes require personal information to confirm the identity of applicants and their legal status to work. Raise will never ask you for personal or banking information unless you have been selected for a job. If you are ever unsure about the legitimacy of this or any other Raise job posting (or have any other questions), please contact us at +1 800-567-9675 or hello@raiserecruiting.com.

#WES

#LI-SC1

IT Risk Manager (Operational Resilience)

Similar job opportunities:

When you apply for a job with us, you consent to the use of automated screening tools — including voice and text analysis — for this job and future jobs with Raise. These tools help us review resumes, assess qualifications, and make initial recommendations; however, all final reviews and hiring decisions are made by people. Questions? Contact us at hello@raiserecruiting.com

Search all jobs:

Search jobs by title or keyword
Click here

Keep exploring!