Print Friendly, PDF & Email
Job Posting

Website OPTrust

Description: NOC Code: NOC 217

Paying pensions today, preserving pensions for tomorrow.

We’re always looking for smart, talented people to fuel our success and who have a passion for pensions.

Everyone at OPTrust makes a meaningful impact, challenges conventional wisdom, and has fun, too. Respect, integrity and teamwork are all part of our cultural DNA. We embrace curiosity and diversity because it makes us stronger. Our environment is fast paced, but we find time to give back to the community.

Analyst, IT Risk and Controls



Posting Date: May 20, 2021


This role is responsible for the IT Technical Change Management process, executes the annual IT external audit activities, and will organize, review and analyze major IT processes. The incumbent will develop IT General Control (ITGC) compliance review programs, maintain and regularly review process flows and documentation, identify internal gaps in business processes and procedures or systems that should be remediated / changed, and monitor the remediation of control deficiencies.


  • The point of contact between external auditor and IT, organizes and oversees audit activities including but not limited to collecting evidence, explaining business processes, performing audit test, and proposing remediation action plans.
  • Responsible for the implementation, maintenance, and communication of the ITGC related policies, procedures, and programs, and performing ongoing review to be consistent with actual practices.
  • Responsible for the review, development, evaluation, maintenance and the implementation of IT
  • General Controls, and business controls in collaboration with the incumbent’s manager to ensure the proper cadence and review are being adhered to as well as to ensure the controls are within corporate objectives and meet the government mandated standards.
  • Implements the change management process, including organizing the Change Advisory Board (CAB) meetings, reviewing and analyzing Request For Change (RFC), communications, stakeholder engagement, business processes and training plans, identify risks, and devise contingency plans, as required.
  • Plans and conducts regular internal audits of information systems, applications, and the IT processes, prepares working papers to document the work performed to ensure that appropriate controls exist, and that information produced by the system is accurate.
  • Prepares reports and recommendations for management on the results of information systems audits.
  • Advises others on internal controls and security procedures.
  • Responsible for tracking all vendor agreements and documentation and the measurement of vendor performance against SLAs to ensure contractual terms are met and continuous improvement.
  • Responsible for managing the IT and PMO resource database.
  • Responsible for resource capacity analysis in support of new business/project initiatives underway.
  • The incumbent will work with the department and project leaders to ensure the proper balance of PMO resources.
  • Facilitates operational activities, communicates procedures, and engages vendors where applicable.
  • Prepares and delivers IT/PMO divisional performance reporting.
  • Responsible for researching leading edge technologies, technology standards and best practices to identify process improvement opportunities under IT and PMO.


  • Demonstrated experience in IT audit, project management, IT governance, risk, and compliance, contract management, specifically in developing IT policies, procedures, and audit work programs.
  • Excellent knowledge of planning and documentation in an IT environment; designing and managing
  • Key Process Indicators (KPI) and Service Level Agreements (SLA) would be an asset.
  • Strong technical knowledge of IT platforms, programming, application testing, networks, operating systems, databases, security, privacy, and business applications.
  • Strong knowledge and experience with traditional database technology (i.e., SQL), database design & architecture, and a fundamental understanding of data flow and handling. (Oracle EBS Database experience a plus).
  • Exceptional proficiency with document and records management software, preferably Content Server and Office 365 (i.e., OneDrive, SharePoint, Flow, Visio, PowerApps, Project).
  • Strong understanding of the IT infrastructure and functions with exceptional data analytical, interpersonal and communication skills.
  • Detail oriented and possess a practical problem-solving approach to everyday matters.
  • Excellent organizational skills and ability to establish priorities and meet deadlines.
  • Knowledge of pension, finance and investment processes is an asset.
  • Post-secondary education in IT and related field.
  • 3 – 5 years of direct experience in an IT audit function or business /corporate IT functions in consultative or professional services environments (big 4 accounting firm experience a plus)
  • 4 plus years’ work experience in an IT environment on change management, access management, system development or other IT operational activities with a focus on compliance and business controls (SOX compliance a plus).
  • Designation in relevant audit or industry standard certifications (i.e., CISA, CIA, CPA, CISSP, ISO 27001 Lead Implementer/Auditor) is required.
  • Experience auditing large enterprise IT implementations with knowledge of project methodologies, project controls and ability to effectively work with cross functional project teams
  • Knowledge of COBIT, COSO framework, SOC 2, ISO 27001 and ITIL Foundations would be an asset.
  • Exceptional written and oral communication skills.

Please submit your application via Workday by June 20, 2021.–IT-Risk-and-Controls_R237

Serving a membership as diverse as ours and investing in a global market means cultivating an environment that embraces diversity and inclusion in everything we do. We know diversity of thought, background, culture, and perspective is critical to creating long-term value. OPTrust is a diverse organization engaged in building on our unique strengths. If you require an accommodation at any time during the recruitment process, please send a message to, or discuss your needs with the Recruitment Consultant during the telephone screen. We will do our best to work with you and provide appropriate accommodation.

We thank all interested applicants, however only those under consideration will be contact

Job posting end date : 2021-06-20
Job Posting Start Date: 2021-05-20

To apply for this job please visit optrust.wd3.https.