Manager, Technology Risk & Controls at Oxford Properties Group — NeverHard
Manager, Technology Risk & Controls at Oxford Properties Group in Toronto, Ontario. Skills: IT General Controls, Leadership, Risk Assessment, Technology Risk, cybersecurity testing. Apply on NeverHard.
Company
Oxford Properties Group
Location
Toronto, Ontario
Type
temporary
Remote: Yes
Required skills:
IT General Controls
Leadership
Risk Assessment
Technology Risk
cybersecurity testing
Role Overview
The Manager, Technology Risk & Controls leads the Technology Risk and Cybersecurity Assurance function within Internal Controls at Oxford. Reporting to the Senior Manager, Internal Controls, this role is accountable for establishing and operating the technology risk and cybersecurity assurance framework across the organization. Operating in a dynamic environment, the Manager leads a team of Senior Analysts and is responsible for navigating ambiguity, building structure, and driving outcomes. The role partners with Technology, Operations, and business leadership to embed a strong control environment and enable risk‑informed decision‑making. As a trusted advisor, the Manager is accountable for identifying, assessing, and mitigating technology risks across systems, infrastructure, OT, and third‑party services, including oversight of IT General Controls (ITGCs) supporting financial and operational reporting.
Technology Risk & Cybersecurity Assurance
Lead the development, implementation, and continuous enhancement of the Operational Technology Cybersecurity Framework, including maturity assessments across assets, systems, and applications
Oversee technology risk identification, assessment, and mitigation
Ensure appropriate cybersecurity controls and ITGCs are designed and operating effectively across internal teams and managed service providers
Drive timely remediation of risks, audit findings, and control deficiencies
Risk Management and Reporting
Own and maintain the Technology Risk Register aligned with enterprise risk standards
Define and monitor KRIs to assess risk exposure and control effectiveness
Perform thematic analysis to identify emerging risks, trends, and systemic control gaps across the technology landscape
Deliver executive‑level technology risk reporting and insights to senior leadership and Operational Risk
Support Business Impact Analysis (BIA) and Business Continuity Planning (BCP) activities
Governance, Policies and Frameworks
Develop and continuously improve technology risk policies, standards, and procedures
Ensure alignment with enterprise frameworks and leading practices (NIST, ISO, COBIT, CIS)
Embed risk management into technology operations, projects, and delivery processes
Stakeholder Management, Advisory, and Assurance
Serve as a trusted advisor to Technology, Operations, and business leaders, providing risk‑based guidance and fostering a strong risk‑aware culture
Lead internal and external technology risk, cybersecurity, and ITGC audits, including stakeholder coordination, assurance requests, response management, and deliverable quality review
Drive accountability for the timely remediation of audit findings, control deficiencies, and key technology risks
Represent Service Assurance in governance forums, steering committees, and cross‑functional initiatives, influencing risk‑informed decision‑making aligned with business objectives
Conduct targeted reviews of systems, processes, and controls to assess risk exposure, control effectiveness, and improvement opportunities
Training, Awareness and Continuous Improvement
Lead cybersecurity and technology risk awareness initiatives, developing guidance and training to strengthen risk management and control practices
Monitor regulatory developments and industry trends, ensuring frameworks, processes, and tools remain aligned with leading practices
Drive continuous improvement by enhancing risk management capabilities, promoting proactive risk identification, and fostering a strong risk‑aware culture
Leadership and People Management
Lead, mentor, and develop a high‑performing team, fostering a collaborative, accountable culture while building capability in technology risk, cybersecurity, and assurance
Set clear expectations, manage priorities, and provide direction in complex or ambiguous situations to ensure the timely delivery of high‑quality outcomes
Required Skills & Experience
Degree in Business, Technology, Risk Management, Cybersecurity, or a related field, with 5–7 years of experience in technology risk, cybersecurity, internal controls, audit, or regulatory compliance
Strong knowledge of technology risk management, cybersecurity principles, IT General Controls (ITGCs), and industry frameworks including NIST, ISO, COBIT, and CIS
Proven experience leading teams, driving accountability, supporting internal and external audits, and operating effectively in professional services or Big 4 environments
Excellent analytical, communication, and stakeholder management skills, with the ability to identify risks and control gaps, influence decision‑making, and translate complex issues into actionable insights
Experience leveraging automation and AI to enhance risk management and assurance processes
Highly organized, proactive, and adaptable, with the ability to manage multiple priorities in a fast‑paced environment and advanced proficiency in Excel, PowerPoint, and Word
Preferred Skills & Experience
Relevant certifications preferred (CISA, CRISC, CISSP, CISM)
Experience with Resolver or similar GRC platforms strongly preferred
Our hybrid work guideline requires teams to come to the office a minimum of 4 days per week.
The expected salary range for this position is $103,000.00 - $157,000.00 per year. You may also be eligible to receive an annual Incentive Award pursuant to our Short-term Incentive plan and our Long-term Incentive plan (if applicable), and to participate in our group benefits and retirement plans – details on these elements of compensation are included within OMERS & Oxford offer letters.
Oxford's purpose is to strengthen economies and communities through real estate.
Our people‑first culture is at its best when our workforce reflects the communities where we live and work – and the customers we proudly serve.
From hire to retire, we are an equal opportunity employer committed to an inclusive, barrier‑free recruitment and selection process that extends all the way through your employee experience.
Artificial intelligence (AI) tools are used to support certain stages of the OMERS recruitment process. While AI assists us in our process, human judgment and decision‑making remain central to our candidate experience.
#J-18808-Ljbffr