
IT Risk Manager Jobs in Ontario (NOW HIRING)

... IT Risk Governance, Standards and Controls and lead the governance and operation of the technology and cyber issues lifecycle for the Bank, leveraging ServiceNow Integrated Risk Management as the ...

The Assistant Vice President, IT Audit is responsible for the leadership and execution of risk ... Proficient in cyber security risk and control frameworks, and information risk management ...

Our IT Risk Services team in Toronto is looking for a professional like you with the skills and ... Create workflows in Emergency Access Management, update rule sets, and create roles via GRC.


IT Risk Manager information


How much do IT risk manager jobs pay per hour?

As of Jun 12, 2026, the average hourly pay for an IT risk manager in Ontario is $67.31, according to ZipRecruiter salary data. Most workers in this role earn between $55.29 and $75.00 per hour, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

Do risk managers make good money?

Risk managers typically earn competitive salaries that vary based on experience, industry, and location. According to industry data, median annual pay ranges from $80,000 to over $130,000, with higher earnings possible for those with certifications like FRM or CRM and extensive experience. They often work in corporate environments, analyzing and mitigating financial, operational, or cybersecurity risks.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

What is the difference between an IT Risk Manager and a Cybersecurity Analyst?

| Aspect | IT Risk Manager | Cybersecurity Analyst |
| --- | --- | --- |
| Certifications | CRISC, CISSP, CISM | CISSP, Security+, CEH |
| Work Environment | Oversees risk management strategies across IT systems | Monitors and responds to security threats and incidents |
| Industry Usage | Used in organizations with complex IT infrastructures | Common in security-focused roles across industries |

The IT Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the IT Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

Risk managers typically earn a median annual salary of around $100,000, with salaries ranging from approximately $70,000 to over $150,000 depending on experience, industry, and location. Professionals often hold certifications like CRM or FRM and work in finance, insurance, or corporate sectors.

Are risk managers in high demand?

Risk managers are in high demand across various industries due to increasing concerns about cybersecurity, compliance, and operational risks. Employers seek professionals with skills in risk assessment, mitigation strategies, and certifications like FRM or CRM, making it a growing field with strong job prospects.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.

Senior IT Risk and Compliance

Logical Information Machines

Toronto, ON • On-site

CA$90K - CA$132K/yr

Full-time

Posted 24 days ago


Job description

The Group:

The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.

The Role:

The Information Security Team is looking for a Senior Analyst Third-Party Vendor Risk Analyst to join the IT Compliance Team. The Senior Third-Party Vendor Risk Analyst will help shape the Information Security Team's third party vendor risk management program. This individual will serve as a subject matter expert for third party vendor risk management, perform vendor risk assessments, propose updates to expand the program's capabilities, increase participation in the program and drive process improvements. This position is based in either our Chicago or Toronto office.

Responsibilities:

  • Partner with the business to execute vendor risk assessments

  • Monitor internal SLAs to ensure we provide timely service to our internal stakeholders

  • Serve as a subject matter expert for security vendor risk management

  • Collaborate with the procurement department and other internal stakeholders to improve and expand the vendor risk management program

  • Review third party security documents (SOC2, security policies, data flow diagrams, etc.)

  • Perform contract reviews of proposed changes to security requirements in our third party contracts

  • Liaise with third party vendors as required

Requirements:

  • A bachelor's degree and 5+ years' experience, including 3+ in a vendor risk related role

  • Experience serving as the subject matter expert for security vendor due diligence

  • Experience performing contract review of security terms

  • Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR, etc.)

  • Familiarity with security frameworks (ISO 27001, NIST, etc.) and general security concepts

  • Strong organizational skills and the ability to multitask and switch priorities with short notice

  • Strong business analysis, research and analytical skills

  • Excellent communication skills

Base Salary Range: $90,000 - $132,711

Bonus: 12.5%

If you receive and accept an offer from us, we require that personal and any related investments be disclosed confidentially to our Compliance team (days vary by region). These investments will be reviewed to ensure they meet Code of Ethics requirements. If any conflicts of interest are identified, then you will be required to liquidate those holdings immediately. In addition, depending on your department and location of work, certain employee accounts must be held with an approved broker (for example, all U.S. employee accounts). If this applies and your account(s) are not with an approved broker, you will be required to move your holdings to an approved broker.

Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.