Trav Banner

IT Risk Director

Toronto (Region), Ontario

Company Information

Solid reputation, passionate people and endless opportunities. That's Travelers. Our superior financial strength and consistent record of strong operating returns mean security for our customers - and opportunities for our employees. You will find Travelers to be full of energy and a workplace in which you truly can make a difference.

Target Openings


Job Description Summary

This is an exciting and key position within Travelers Canada technology that is responsible for leading efforts associated with identifying and assessing risk and establishing mitigation strategies.
The position requires a focus on risk issues, partnering and maintaining strong working relationship with key constituents (i.e.; business continuity, enterprise risk management, corporate audit, compliance, and information systems security) while leading efforts to drive solutions that mitigate risk. The IT Risk Director will work leadership of IT Risk Management, Business Continuity, and organizational CIO(s) to set the vision, direction, and practical application for the IT Risk Management program within the Canadian Line of Business.

Primary Job Duties & Responsibilities

  • Identify and lead the appropriate subject matter experts to participate in the identification and analysis of risk scenarios
  • Direct the completion of risk analysis sessions and risk assessment activity within Canada Technology.
  • Support the accountable parties in determining the appropriate treatment of identified risks and partner with Canadian risk leaders to develop audit and risk mitigation plans.
  • Identify and lead the determination of appropriate action plans for risk remediation
  • Communicate risks and risk remediation and facilitate the acceptance of risk aligned with Travelers risk appetite
  • Inventory, assess significance, assign accountability, and lead the development of appropriate monitoring for the LOB control environment
  • Partner with assigned risk managers to ensure alignment and support in understanding and applying the IT Process, Risk and Control (PRC) framework
  • Align IT Risk Management (ITRM) activity with the IT PRC framework
  • Gain an understanding of how Canadian Technology controls map to the IT PRC framework and gaps in risk and control coverage
  • Identify and obtain the data required for consolidated metrics and reporting
  • Develop and lead efforts for creation and support of reporting dashboards and metrics that are external to the risk management tool
  • Support Canadian end users in understanding the risk management tool and how to leverage its capabilities
  • Identify additional ITRM processes or specific requirements that can be operationalized through the risk management tool and leading efforts associated with bringing these efficiencies into fruition.
  • Attend and at times lead ITRM training sessions
  • Lead CHANGE - strategy development initiatives for communication, education and awareness of key IT Risk Management initiatives. Coordinate feedback to IT Risk Management and IT Risk Management Council.
  • Lead change management efforts in supporting the LOB's understanding and applying policies, standards and procedures across the IT environment
  • Leadership in the IT Risk Management council
  • Lead efforts for audit planning and tracking, business continuity and records retention
  • Serve as primary point for all risks programs (e.g., IT Risk, Corporate Audit, Compliance, Business Continuity, IS Security)
  • Must provide innovative, enterprise-scope risk management solutions
  • Other duties as assigned.

Minimum Qualifications

  • Five years of Technology experience required.
  • One year of experience with leading change management, risk mitigation and/or large scale IT implementations required.

Education, Work Experience, & Knowledge

  • Eight years of experience in Risk Management or related fields such as Audit, IT Security, or Business Continuity preferred.
  • Bachelors degree in Technology or a related field preferred.
  • One years experience leading technical teams preferred.

Licensing or Certificates

  • Certified in Risk and Information Systems Control (CRISC) designation preferred or attained within 2 years.

Job Specific Technical Skills & Competencies

  • Advanced Technical Knowledge:
  • Technical expertise to understand detailed issues around business continuity, security, and overall risk in IT.
  • Able to have enough expertise to drive a solution and solve issues, addressing risk.
  • Advanced Business Knowledge & Partnership:
  • Creates an atmosphere where business partner's issues are dealt with professionally, and in a timely manner.
  • Suggests solutions and drive results that make sense and improve the performance of the assigned systems.
  • Ensures customer's perspective is understood to optimize system(s) support of the business goals.
  • Communicates openly and effectively in a manner consistent with the audience.
  • Recognizes the importance of superior quality in providing a competitive edge.
  • Ensures that reports are precise, timely and accurate.
  • Advanced Problem Solving & Decision Making:
  • Once decisions are made, is able to develop and lead the management plan and direct activities to obtain intended results.
  • Breaks a problem down to manageable pieces and implements effective, timely solutions.
  • Takes input from several sources, decides if all the information needed is available and moves to a decision.
  • Openly and directly confronts conflict until resolved.
  • This role requires strong judgment, reasoning and organizational savvy.
  • Advanced Team Orientation:
  • Maintains effective partnerships across the organization and is able to influence senior management, peers and subordinates through an inclusive style and recognition of their abilities and knowledge.
  • Balances team and individual responsibilities.
  • Exhibits objectivity and openness to others' views.
  • Gives and welcomes feedback.
  • Puts success of team above own interest.
  • Leader a distinct business unit or several smaller functions, at times with enterprise scope of responsibilities.
  • Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures.
  • Provides business partners and/or staff with clarification and direction before proceeding.
  • This role requires expertise in lobbying, influencing without authority, and cross-enterprise integration
  • Advanced Leadership:
  • Supports a distinct business unit or several smaller functions.
  • Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures.
  • Results are reviewed with next level manager for clarification and direction before proceeding.
  • This role requires expertise in lobbying, influencing without authority, and cross-enterprise integration.
  • Advanced Planning and Project Management:
  • Identifies those unit tasks that are most important and maintains a clear sense of priorities and the larger picture.
  • Anticipates and effectively responds to changes in workload and resources.

Equal Employment Opportunity Statement

Travelers is an equal opportunity employer. We are committed to providing accommodation to persons with disabilities. If you require accommodation during the recruitment or interview process we will work with you to accommodate your needs.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you.

About Travelers

The Travelers Companies, Inc. (NYSE: TRV) is a leading property casualty insurer selling primarily through independent agents and brokers. The company's diverse business lines offer its global customers a wide range of coverage in the auto, home and business settings. A component of the Dow Jones Industrial Average, Travelers has more than 30,000 employees and generated revenues of approximately $25 billion in 2010.