Control Analyst – ICFR

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

Control Analyst – ICFR

Position Overview

The IT Control Analyst – ICFR (2nd Line of Defense) plays a vital role in safeguarding the integrity of Sun Life’s financial reporting within an evolving digital landscape. Reporting to the Director, IT ICFR in the Corporate Financial Controls department, this role is pivotal in executing and supporting comprehensive assessments of IT controls that support CEO/CFO certifications and regulatory compliance requirements.

Working at the intersection of technology, risk management, and financial controls, the analyst collaborates with management, IT teams, and external auditors. The position offers broad exposure to enterprise-wide IT control frameworks and meaningful opportunities to deepen expertise in Internal Control over Financial Reporting (ICFR) across a digitally transforming organization.

Key Responsibilities

Execute IT Control Assessments

• Conduct thorough evaluations of IT General Controls (ITGCs) and IT Application Controls (ITACs) to support ICFR and SOx compliance.
• Lead walkthroughs and facilitate control testing in collaboration with business units, IT teams, and external auditors.
• Apply internal control testing methodologies consistent with SOx, COSO, and COBIT frameworks.
• Ensure clear documentation of control design and operating effectiveness, adhering to internal standards.

Support Continuous Improvement

• Assess control effectiveness and identify gaps or opportunities for enhancements.
• Assist with root cause analysis for control deficiencies and contribute to remediation tracking and validation.
• Partner with process and control owners to strengthen the internal control environment and enhance sustainability of controls.
• Remain informed about emerging IT risks, regulatory expectations, and industry best practices relevant to ICFR.

Collaboration and Stakeholder Engagement

• Liaise with external auditors to facilitate coordination of walkthroughs and testing activities.
• Build strong working relationships with cross-functional stakeholders across IT, Finance, and Risk.
• Communicate testing results, issues, and observations clearly and professionally to management.

Quality and Professional Development

• Maintain high standards for documentation quality, accuracy, and timeliness.
• Contribute to knowledge sharing, standardization, and continuous improvement initiatives within the ICFR team.
• Proactively develop technical and professional skills through on-the-job learning and training opportunities.

What You Bring

Required Qualifications

• Bachelor’s degree in Accounting, Information Systems, Finance, or a related field.
• CA, CPA, CISA, or progress toward a relevant professional certification is considered an asset.
• Typically  3-5+ years of experience in IT audit, IT controls, or risk management, with exposure to SOx environments or public accounting.

Technical Knowledge

• Working knowledge of SOx, COSO, and COBIT frameworks.
• Foundational understanding of IT environments, including infrastructure, cloud technologies, and information security concepts.
• Familiarity with control walkthroughs, testing techniques, and audit documentation standards.
• Experience using audit or GRC tools is an asset.

Core Skills

• Analytical Skills: Ability to analyze control designs, identify risks, and assess operating effectiveness.
• Communication: Clear written and verbal communication skills, with the ability to explain control concepts to non-technical stakeholders.
• Execution Focus: Strong attention to detail, ability to manage multiple testing activities, and meet deadlines in a structured environment.
• Collaboration: Comfortable working as part of a team and engaging constructively with stakeholders at various levels.

Valued Assets

• Experience in insurance, financial services, or other regulated industries.
• Exposure to ERP systems (such as SAP), key financial applications, or system implementations.
• Awareness of IT automation, data analytics, or emerging technologies as they relate to controls and audit.
• Prior experience supporting external audit engagements.

Job Category:

Finance

Posting End Date:

19/03/2026