Senior IT Governance, Risk, and Compliance Manager

​​Senior IT Governance, Risk, and Compliance Manager​ 

We are ready to take this game to the next level and need someone passionate to ​​manage the operational execution of IT GRC activities and contribute to the development and enhancement of governance frameworks, risk management strategies, and compliance practices. You will work closely with process and control owners, risk owners, and various stakeholders including enterprise functions to ensure that IT governance, risk and compliance considerations are embedded into IT practices ​.​ 

YOUR ROLE IN THE GAME 

Reporting to the ​Director IT Governance Risk & Compliance​, you will be empowered to:   

• Develop and maintain IT governance and risk frameworks, including policies, standards, processes, and guidelines aligned with enterprise requirements. 

• Perform risk assessments and monitoring, identify risk indicators, propose prevention measures, and escalate issues impacting compliance or risk profile. 

• Guide the implementation of controls and compliance activities, oversee control lifecycle, facilitate assessments, audits, and remediation plans for risk incidents or audit findings. 

• Manage reporting and stakeholder alignment, including compliance dashboards, risk reports, and collaboration with enterprise risk, legal, audit, and compliance teams. 

• Lead IT Governance, Risk, and Compliance initiatives, support training and awareness programs to foster a culture of compliance and continuous improvement. 

• Conduct readiness and maturity assessments to evaluate the size, nature, and impact of organizational change, and contribute to planning and implementing information assurance and accreditation processes. 

• Engage stakeholders to define benefits and metrics, track benefits realization, and coordinate with change managers to embed governance, risk, and compliance (GRC) considerations into change initiatives. 

• Support strategic planning and risk-based prioritization of IT initiatives, while assisting teams in adopting new practices through guidance and resources. 

• Coach and support team members by developing skills aligned with goals, assigning tasks based on capabilities, monitoring performance, providing guidance during uncertainty, and facilitating learning and development activities. 

WHAT YOU BRING TO THE GAME 

​​Education & Experience: 

​ 

• ​Bachelor’s or master’s degree in IT, Information Systems, Computer Science, Cybersecurity, or related disciplines.  

​Preferred Certifications:  

• ​IT Governance & Risk Management: COBIT 2019 - Foundation , CRISC (Highly desired) 

• ​Information Security: CISA/CISM/CISSP/ISO27001  

• ​Project/Program Management: PMP, PgMP, or equivalent  

• ​Minimum 7 years of progressive experience in Technology, Cybersecurity, or Enterprise Risk domains.  

• ​Minimum 5 years of experience in IT GRC functions.  

​ 

​Relevant Skills: 

• ​Design and implement IT Governance and Risk Management frameworks, ensuring alignment with enterprise standards and best practices. 

• ​Deep expertise in GRC operating models, capability maturity assessments, performance measurement, and the Three Lines of Defense model across IT, cybersecurity, risk, audit, and assurance functions. 

• ​Strong knowledge of governance and compliance frameworks, including COBIT 2019, ISO/IEC 38500, ISO 27001, ISO 31000, PCI DSS, COSO, SOC 2, and NIST (CSF, 800-53), with experience in internal controls design and monitoring. 

• ​Proven ability to lead and manage IT governance initiatives, including framework implementation, risk management programs, and divisional projects.​ 

BENEFITS OF JOINING THE WINNING TEAM 

• Group Benefits Plan: Eligible employees and dependents have access to comprehensive, employer-paid group benefits coverage (permanent employees only). 

• Public Service Pension Plan: Participation in a highly desirable defined benefit pension plan. 

• Variable Pay Program: Participation in a performance-based incentive plan that recognizes organizational and individual achievements (permanent employees only). 

• Paid Time-Off: Competitive paid time-off provisions to support work-life balance and well-being. 

• Growth Focus: Become your best self with access to new opportunities and personalized support programs. 

• Comprehensive Learning: 24/7 access to robust online learning programs. 

• Equity, diversity, and inclusion: Core to OLG’s culture, empowering employees to bring their authentic selves and make a meaningful impact across Ontario. 

To learn more about our organization and other opportunities visit our career site. 

We look forward to hearing from you, interested applicants please apply online by ​February 1, 2026​. 

#LI-Onsite