We’re Sagen

Sagen is Canada’s leading private mortgage insurance company making home ownership more accessible to first time homebuyers. For the past 30 years we have been focused on being the most trusted partner for lenders and brokers.

Our expertise in superior customer service, thought leadership, and industry knowledge has allowed us to be a driving force for our most important stakeholder, our valued customers. Our best-in-class team across the country work tirelessly to make every deal the most important deal. We are 100% Canadian-owned and believe in helping all Canadians achieve their dream of homeownership.

Sagen’s collaborative culture inspires our people to be authentic and curious while pursuing excellence in what they do.

Ready to make an impact

Sagen is looking for a Director, Enterprise Risk Management – IT Security & Cyber Risk who will lead and strengthen the Company’s management and oversight of IT, cyber security and emerging risks including AI risks, by driving change in the areas of governance, methodology, metrics and reporting and risk analysis. In this role you will be the key liaison with the Technology team and be responsible to ensure timely identification, prioritization, and communication of key IT and Cyber Risks in alignment with OSFI Guideline B-13, other regulatory requirements and the organization’s risk appetite.

This position is being posted to fill an existing vacancy within the department.

Here is where you will be focusing to ensure your success

Technology and Cyber Security Risk Management Program

• Responsible for development and implementation of IT and Cybersecurity Risk Management programs, including the implementation of an IT & Cyber risk management application within our Governance Risk and Compliance system
• Development of processes and procedures and provide ongoing support to business functions, to appropriately identify, assess, measure, and manage IT and Cyber Security risk (Risk and Control Self Assessments, control effectiveness testing etc)
• Conduct analysis of threat and vulnerability scenarios which may impact IT systems and business processes, and ensure risks are operating within Sagen risk appetite limits.
• Support risk assessment of all new initiatives, projects, changes as it relates to Technology related risks

Governance, Monitoring and Reporting

• Responsible for development and presentation of IT, Cyber, AI and IT Risk reporting and measurement for decision making of the Senior Leadership Team (Risk Appetite Statements, KRIs, thresholds, tolerances)
• Subject matter expert in the development of IT and Cyber Security Risk policies, frameworks, standards, risk and control objectives consistent with OSFI B13 domains and in response to internal and external threats, regulatory requirements, and changes in the IT risk landscape.
• Responsible for coordinating regulatory requests for information and assisting Internal Audit Reviews (as relates to IT controls)
• Maintain awareness of and monitor significant risk and control issues within the business- monitor and report the status and appropriateness of remediation actions

Oversight and Challenge

• Provide evidence based independent second line oversight and effectively challenge to ensure sound management of IT, Cyber risk, AI and Cloud risk
• Responsible for third party risk assessments and security reviews
• Provide second line oversight and report on all technology related incidents
• Oversee and challenge the Disaster Recovery program/ scenarios as well as alignment with Business Continuity

Emerging Risks, Thought Leadership and Promotion of Risk Culture

• Research and provide thought leadership on current and emerging IT, Cyber Security, AI risks and effective risk management practices, regulatory guidelines, publications
• Promote Sagen’s risk culture awareness, with a focus on operational resilience in an environment of open communication and effective challenge
• Maintain strong internal and external relationships and networks to continuously improve and risk programs

What we are looking for

• University degree in science, technology, business management, economics, accounting engineering, or mathematics.
• 10+ years risk management experience in the financial services industry including strong knowledge of the regulatory environment and requirements.
• 10+ years’ experience, specifically within risk management of Information Technology and Cybersecurity, controls risk quantification.
• Strong understanding and working experience in Information Technology Operations
• In depth knowledge of NIST, ISO 17799, ITIL, CoBIT and other IT Operation specific industry frameworks. Experience using GRC risk management tools. Professional certifications and membership of associations such as CRISC, CISA, CISSP, CISM, etc. are an asset.
• Strong team player who is resourceful and proactive self-starter, demonstrating the ability to lead and execute change initiatives.
• Demonstrated strength in working independently, managing deliverables, and resolving issues, recommending solutions applying risk-based thinking vs compliance only approach, while seeking guidance on the most complex situations.
• Proven project management skills and strong organizational skills with the ability to manage multiple priorities and manage concurrent deadlines.
• Strong communication skills (verbal, written and presentation) with the ability to influence internal/external stakeholders and exchange information to clearly articulate and translate risks into organizational impact
• Demonstrated ability to work well under pressure while maintaining a high level of professionalism

#LI-Hybrid

What's In It for you!

At Sagen we understand that your health and financial well-being are equally important and offer a total rewards package that includes competitive compensation, annual performance bonus, medical and dental benefits, company funded pension plan, matching RRSP, TFSA and/or Non-registered Savings Plans, work from anywhere days, and an environment that creates a sense of belonging to inspire you to be your very best.

Ready to join Sagen

At Sagen, we are committed to building a diverse and inclusive workplace, as evidenced by our partnerships with the Canadian Centre for Diversity and Inclusion (CCDI) and Black Mentorship Inc. We strive to create a sense of belonging where all employees, from every background and ability, are welcomed, respected, and empowered to be their authentic selves.

Throughout the selection and hiring process, we encourage candidates to request accommodation to meet their individual needs.