×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Manager, Cyber & Technology Risk Management, Information & Corporate Security

Job in Toronto, Ontario, C6A, Canada
Listing for: Canada Pension Plan Investment Board
Full Time, Contract position
Listed on 2026-03-10
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 CAD Yearly CAD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Manager, Cyber & Technology Risk Management, Information & Corporate Security (12 month contract) page is loaded## Manager, Cyber & Technology Risk Management, Information & Corporate Security (12 month contract) locations:
Toronto time type:
Full time posted on:
Posted Yesterday time left to apply:
End Date:
April 30, 2026 (30+ days left to apply) job requisition :
JR00271
** Make an impact at a global and dynamic investment organization
** When you join CPP Investments, you are joining one of the world’s most admired and respected institutional investors. As a professional investment management organization, CPP Investments invests the funds of the Canada Pension Plan (CPP) to help ensure its financial sustainability for generations of working and retired Canadians.

CPP Investments invests across regions and asset classes to build a globally diversified portfolio. It holds assets in public equity, private equity, real estate, infrastructure, and fixed income, and the CPP Fund is projected to reach $3.6 trillion in assets by 2050. The organization is headquartered in Toronto with offices in Hong Kong, London, Mumbai, New York City, São Paulo, and Sydney.

CPP Investments successfully attracts, selects, and retains talented individuals from top-tier institutions worldwide. Join our team for access to:
* Stimulating work in a fast-paced and intellectually challenging environment
* Accelerated exposure and responsibility
* Global career development opportunities
* Diverse and inspiring colleagues and approachable leaders
* A hybrid-flexible work environment with an emphasis on in-person collaboration
* A culture rooted in principles of integrity, partnership, and high performance
* An organization with an important social purpose that positively impacts lives

If you have a passion for performance, value a collegial and collaborative culture, and approach work with the highest integrity, invest your career here.
** Role

Summary:

** The work of our Cyber & Technology risk team plays a critical role in protecting CPP Investments as our technology landscape continues to evolve toward cloud native platforms, SaaS providers, and AI enabled products.
The Manager, Cyber & Technology Risk Management is responsible for leading end‐to‐end security and technology risk assessments for in‐house applications and systems and third‐party SaaS/PAAS/AI providers, with a strong emphasis on assessing information security risks in vendor product architecture, AI capabilities, data protection, and integration risk.
Reporting to the Director, Cyber & Technology Risk, the successful candidate will partner closely with Technology, Procurement, Architecture, Legal, and Business stakeholders to support secure onboarding, risk informed decision making, and the continued maturity of the third party risk and security assessment program.
** Accountabilities &

Qualifications:

***
* Qualifications:

*** Minimum 8 years of experience in information security, with demonstrated expertise in conducting third-party and application security assessments. Strong technical background with deep experience performing system and architecture security reviews within financial institutions, investment firms, or other large, complex enterprise or public sector environments.
* Strong knowledge of SaaS security, Data Flow risks, and common cloud architectures, API, MCP (shared responsibility, multi-tenancy, IAM patterns, logging/monitoring). Working knowledge of security controls across IAM, data protection, application security, vulnerability management, incident response, and resilience.
* Strong knowledge of cloud-based models (SaaS, PaaS, IaaS) and technologies used to implement controls within these environments, network security, application security, and vulnerability management.
* Proficient in using various tools and methodologies for systems and architecture risk assessment and audit, such as SOC, NIST, ISO, COBIT, OWASP, etc.
* Working knowledge of developing and maintaining SAAS and AI architecture patterns, control documentation, guidelines, and formal control statements aligned to common security domains and enterprise security requirements.#
*
* Competencies:

***…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search