Economical is part of Definity, which includes some of Canada’s most long-standing and innovative insurance brands, including Economical Insurance, Sonnet Insurance, Family Insurance Solutions, and Petline Insurance. With strong roots that date back to 1871, Definity has grown to become a digital leader in the insurance industry. We’re proud to help our clients and communities adapt and thrive in a world of constant change.
Our promise to you: It’s better here. Why? Because we CARE, and we provide an employee experience that’s collaborative, ambitious, rewarding, and empowering.
Our ambition is to be one of Canada’s leading and most innovative P&C insurers. Come be a part of our journey, and love what you do.
Location: Waterloo or Toronto - Hybrid
*There is possibility for this position to become full-time permanent*
What can you expect in this role?
The Analyst, IT Risk Oversight is responsible for identifying, assessing, evaluating and reporting business risks related to technology at an Enterprise level. The Analyst, will support the IT function in:
- Completing the IT general computer control (ITGC) testing in support of Internal Control over Financial Reporting (ICFR) supporting CEO/CFO certification;
- Identify, evaluate and escalate the implications of ITGC internal control weaknesses and deficiencies.
- Provide recommendations for gap closure and continuous improvement, in terms of both efficient and effective internal control performance.
- Provide input into the findings in the Management Letter of Representation (LoR) process and assist with preparing of reports to management and board committees as required.
- Supporting the Enterprise risk function in the evaluation of IT risks and mitigation plans; Evaluating risk and control effectiveness;
- Support the IT function in maturing processes and practices (e.g. Cyber Security).
The Analyst, IT Risk Oversight may also provide subject matter expertise to strategic initiatives to ensure enterprise and compliance risks are identified, assessed and managed appropriately through the implementation and operationalizing of the strategic initiatives.
IT General Computer Control (ITGC) validation program:
- Support the ICFR validation program for ITGCs to assess, validate and report on the design and effectiveness of key internal controls to support the CEO/CFO certification;
- Report on identified gaps and provide recommendations for improving internal controls;
Support the Enterprise Risk Management (ERM) program:
- Provide constructive challenge and monitoring of mitigating plans to address key TS risks;
- Evaluate the impact of business incidents at the Enterprise level;
- Support ad hoc special risk projects as required;
- Participate in various projects, as requested, pertaining to TS risk e.g. Information security and Data Governance initiatives;
- Assist with the development of corporate policies, standards and guidelines to manage key risks.
Provide support to strategic initiatives:
- As requested, provide second line of defense input and constructive challenge to ensure compliance and enterprise risks are identified, assessed and managed to remain within Economical's risk appetite throughout the implementation and operationalizing of the strategic initiatives;
- Support ERM's risk assessment and reporting on strategic initiatives.
Research and remain current with emerging best practices in technology risk management and controls:
- Research and evaluate leading and emerging industry practices and adopt continuous improvement principles to support success.
What do you bring to the role?
- University degree and achievement/working toward a recognized professional designations/certifications, such as CPA, Certified Information Systems Auditor, Certified Internal Auditor, etc.
- Related experience in technology risk in areas such as Information Security, Cloud, Data Management including Data Governance, Internal/External audit, or compliance;
- Experience within a professional services firm or experience in internal audit functions within a public company is an asset;
- Ability to build strong relationships externally and internally with people from all levels to help foster a positive risk management culture.
- P&C Insurance experience considered as an asset.
- Strong organizational and analytical problem-solving skills;
- Excellent verbal and written communication skills;
- Proficient in Microsoft office products.
We also take potential into consideration. If you don’t have this exact experience, but you know you have what it takes, be sure to give us more insight through your application and cover letter.
Go ahead and expect a lot — you deserve it, and we’ve got it:
- Hybrid work schedule for most roles
- Company share ownership program
- Pension and savings programs, with company-matched RRSP contributions
- Paid volunteer days and company matching on charitable donations
- Educational resources, tuition assistance, and paid time off to study for exams
- Focus on inclusion with employee groups, support for gender affirmation surgery, access to BIPOC counsellors, access to programs for working parents
- Wellness and recognition programs
- Discounts on products and services
Our inclusive work environment welcomes diversity and supports accessibility. If you require accommodation at any time during the recruitment process, please let us know by contacting: [email protected]
This role requires successful clearance of a background check (including criminal checks and leadership references).