Team Lead, Technology Risk and Control

Team Lead Technology Risk and Control

Department: IT Security and Governance Information Technology Operations and Security Division

Type: 12 Month-Contract

Location: Toronto (Hybrid)

Posting Date: February 9 2026

At OPTrust paying pensions today preserving pensions for tomorrow is our mission and business.

When you choose OPTrust you join a team of smart talented people who fuel our success and have a passion for pensions. Everyone at OPTrust in Toronto London and Sydney makes a meaningful impact. Our culture is driven by team members with different backgrounds and perspectives creating an inclusive and fulfilling place to work for everyone. We work in a fast-paced environment but we find time to have fun and give back to the community.

What OPTrust Offers You

• Unique culture rooted in our core values collaboration and teamwork integrity respect flexibility excellence and continuous improvement.

• A purpose-driven environment where we all work towards the common goal of paying pensions today and preserving pensions for tomorrow.

• A flexible hybrid work model.

• Benefits package after six months of consecutive employment.

• Optional membership in our world-class defined benefit pension plan.

• A dedicated inclusion diversity and equity strategy with meaningful opportunities to participate including our employee-led resource groups.

About the role

This role is responsible for Governance Risk and Compliance (GRC) initiatives in ITOS division including developing and maintaining ITOS risk management processes leading audit and compliance activities related to IT and security operations and leading the ITOS Change Management process. The incumbent will develop and enhance IT General Control (ITGC) review programs maintain and regularly review policies procedures process flows and documentation identify internal control gaps that should be remediated and monitor the remediation of control deficiencies.

What youll do

Leadership and Governance

• Lead and mentor a small team provide guidance and support delegate tasks effectively and conduct regular team meetings to discuss ongoing projects share insights and address any challenges or concerns.

• Propose and implement improvements to internal controls collaborating with teams to align with IT and security processes and contribute to the documentation of related processes and baseline standards.

• Leads the implementation maintenance and communication of the ITGC related policies procedures and programs and performing ongoing reviews to be consistent with actual practices.

• Responsible for tracking all vendor agreements and documentation and the measurement of vendor performance against SLAs to ensure contractual terms are met and continuous improvement.

• Advises and educates others on internal controls and security procedures.

• Leads operational activities communicates procedures and engages vendors where applicable.

• Prepares and delivers ITOS divisional performance reporting.

• Responsible for researching leading-edge technologies technology standards and best practices to identify process improvement opportunities for the IT teams.

Audit and Compliance

• The point of contact between the external auditor and ITOS team lead plan execute and manage IT and security-related audit activities collaborate with internal and external stakeholders including but not limited to collecting evidence explaining business processes performing audit test and proposing remediation action plans.

• Leads and conducts regular internal audits of information systems applications and IT processes prepares working papers to document the work performed to ensure that appropriate controls exist and that information produced by the system is accurate.

• Prepares reports and recommendations for management on the results of information systems audits.

IT and Security Risk Management

• Develop implement and maintain a comprehensive ITOS risk management process to identify assess and prioritize ITOS risks. Collaborate with cross-functional teams to ensure that IT risk assessments and mitigation align with business objectives and regulatory requirements.

• Responsible for managing the technical risk database.

Change Management and Process Enhancement

• Leads the review development evaluation maintenance and implementation of IT General Controls and business controls in collaboration with the incumbents manager to ensure the proper cadence and review are being adhered to as well as to ensure the controls are within corporate objectives and meet the government-mandated standards.

• Implements the change management process including organizing the Change Advisory Board (CAB) meetings reviewing and analyzing Request for Change (RFC) communications stakeholder engagement business processes and training plans identify risks and devise contingency plans as required.

• Works with internal ITOS managers to ensure agreed upon process controls are in place and functional as designed.

What you bring

• Post-secondary education in IT Business Processes Information Technology or similar fields.

• Holds one or combination of professional designation in IT audit or IT risk management such as CRISC CISA CIA CISSP.

• 5 years of experience in IT Audit IT Governance IT General Controls Application Controls and IT Risk Management.

• Demonstrated experience in leading and managing ITOS audit activities IT risks and security risks management change management project management IT governance and compliance specifically in developing IT. policies procedures and audit work programs.

• Knowledge of IT Governance IT Audit Cyber Security Operations audit requirements IT and security Standards IT General Controls and Control Assessments.

• Knowledge of NIST CSF IT Risk Management Framework COBIT COSO framework SOC 2 ISO 27001 and ITIL Foundations would be an asset Exposure to financial industry business processes enterprise and operational risk principles and practices.

• Proven technical knowledge of IT platforms ITGC and application control testing networks operating systems databases security privacy and business applications.

• Deadline-driven and results-oriented able to meet consistently high-quality standards while handling a variety of tasks and deadlines simultaneously.

• Demonstrated proficiency with document and records management software preferably Content Server and Office 365 (e.g. OneDrive PowerBI SharePoint Flow Visio PowerApps Project).

• Proven understanding of the IT infrastructure and functions with exceptional data analytical interpersonal and communication skills.

• Detail oriented and possess a practical problem-solving approach to everyday matters.

• Effective organizational skills and ability to establish priorities and meet deadlines.

• Knowledge of pension finance and investment processes is an asset.

• Experience in policy and procedure development process and workflow documentation IT audits change management access management or other IT operational activities with a focus on compliance and internal controls.

• Experience in auditing large enterprise IT implementations with knowledge of project methodologies project controls and ability to effectively work with cross functional project teams.

• Exceptional written and oral communication skills.

• Exemplify OPTrusts values: collaboration and teamwork integrity respect flexibility excellence and continuous improvement.

This posting is for an existing vacancy.

The range of expected compensation for this position is $125456 to $154517 per year.

Please submit your application via Workday by February 23 2026.

Serving a membership as diverse as ours and investing in a global market means cultivating an environment that embraces inclusion diversity and equity in everything we do. OPTrust is an organization engaged in building on our unique and diverse strengths. We know a diversity of backgrounds cultures gender identities and perspectives are critical to achieving our shared goals.

If you require accommodation at any time during the recruitment process please send a message to or discuss your needs with the Talent Acquisition Consultant during the telephone screening. We will do our best to work with you and provide appropriate accommodation.

As an organization were seeking ways to respond to the Truth and Reconciliation Commission of Canadas Call to Action 92. We are working with the Canadian Council for Indigenous Business to build bridges with Indigenous communities and partners and we have created an employee-led Reconciliation Working Group that will work with Indigenous experts to identify a path to reconciliation for our organization.

We thank all interested applicants however only those under consideration will be contacted.