Specialist, IT Risk
Listed on 2026-01-11
IT/Tech
Cybersecurity, Information Security, IT Consultant, IT Business Analyst
Travel Requirement: Travel not required
Language Skill Levels (Read/Write/Speak): ZZZ
Security Requirement: Secret
Salary: Our salaries generally range from $86816.59 to $108520.74 and are based on qualifications and experience.
About CMHC
The work you do and the work we do together matters. We come to work every day with a common purpose: to contribute to a well-functioning housing system.
At CMHC, we hold ourselves accountable for our results and support our colleagues in their achievements. We thrive on collaboration, connecting across CMHC and involving the right people to get our work done. Our leadership style is guided by trust, where our leaders favour an adaptive approach based on the needs of their teams.
Join us and be part of a team that's committed to making a real difference and be part of something meaningful.
What’s in it for you
We’ve got the purpose, the people and the perks you need for a fulfilling career. Here are the comprehensive and generous benefits you get when you’re a permanent employee:
- Annual paid vacation.
- Annual individual performance incentive.
- Comprehensive group insurance plan to support your well-being from day one.
- Support towards your personal and professional growth with training, mentorship and more.
- An inclusive workplace culture and environment.
Join the Information & Technology (IT) Risk and Compliance team, in the Specialist, IT Risk position. As the IT Risk Specialist, you will be responsible for assessing and interpreting data to determine the level of risk and other indicators of risk, ensuring the Risk Management Framework is aligned with CMHC’s operations and technology, reviewing Audit's schedule and their findings, and recommending actions to fill any observed gaps.
You will also be promoting a culture of risk awareness and providing training in risk management (i.e. internal and external control procedures and risk mitigation practices).
- Develop action plans that address all upcoming activities, oversight and/or audit findings and gaps, and monitor progress against action plans (including purpose, scope, timelines, etc.).
- Plan and execute various tasks such as: risk assessments, risk event reporting, control testing, security standard maturity assessments, deficiency identification and remediation, risk training, corporate and sector specific business continuity planning, lender attestations, compliance attestations and risk scenario analysis.
- Create and implement analytical models for risk assessment, including the assessment and interpretation of data to determine risk concentration.
- Review draft oversight and/or audit reports/recommendations, obtain feedback and complete a reconciliation report of recommendations.
- Provide risk management expertise for the ongoing maintenance and enhancement of business systems, technologies and processes.
- Conduct research on best practices and recommend changes to current risk policies, procedures, standards and guidelines.
- Communicate and collaborate with other oversight functions on results of risk management activities within the sector.
- A bachelor’s degree preferably in Computer Science, Management Information Systems, Finance, Business Administration, Commerce, or in another related field.
- A minimum of five (5) years of increasing responsibilities and experience in Risk and/or Audit.
- A demonstrated experience in assessing and reviewing governance, work processes, controls and/or risk management, including IT General Controls testing, and of SWIFT compliance audits.
- Experience and/or knowledge within three or more of the following risk domains:
  - Audit management, Risk management, Compliance management, Cybersecurity;
  - Cloud technologies;
  - Business continuity management and disaster recovery;
  - Data governance and information management; and
  - Vendor management.
- A knowledge of operational risk management framework, risk management policy development, internal control concepts and frameworks, and of OSFI guidelines.
- A familiarity with common security standards and regulations (ISO 27001, ISO 27001 SOX, PIPEDA/GDPR, CCPA, COBIT, NIST 800-53…