Alberta Blue Cross® is an Alberta based organization dedicated to delivering exceptional customer experience and community leadership. We’re committed to providing the best health coverage to over 1.8 million members and take an active role in promoting wellness. We believe in what we do—and place trust in our employees to deliver our vision.

Working at Alberta Blue Cross® means having a career where you’ll be recognized for your contributions. We value diversity, encourage our team members to maintain a healthy work-life balance and provide opportunities for career growth.

##OVERVIEW

We have an exciting opportunity for aDirector, IT Risk & Complianceto join our dynamic IT team. Reporting to the Director, CISO, this position provides IT leadership for technology risk management, regulatory compliance, and governance frameworks. This role sets the strategic direction for how the IT organization identifies, assesses, mitigates, and reports on technology related risks. With oversight of two managers and their respective teams, the Director ensures the organization maintains a strong control environment, meets regulatory obligations, and makes informed, risk‑aware decisions.

This is a highly visible leadership role that partners closely with senior executives, technology leaders, internal audit, legal, and external regulators.

##WHAT YOU WILL DO

• Establish and maintain the enterprise IT risk management strategy, ensuring alignment with business objectives and regulatory expectations.
• Lead the adoption and continuous improvement of IT Risk frameworks and standards.
• Direct the IT compliance program, including policy governance, control testing, regulatory reporting, and audit readiness.
• Oversee risk assessments, technology control evaluations, and third‑party/vendor risk reviews.
• Provide strategic direction to two managers responsible for risk operations and compliance programs, ensuring clarity of priorities and performance expectations.
• Partner with senior leaders, technology teams, legal, and audit to embed risk‑aware decision making across the organization.
• Oversee governance technology incidents, including escalation protocols, documentation, and post‑incident reviews.
• Deliver executive level IT Risk universe to report on risk posture, compliance status, and emerging threats.
• Drive continuous improvement initiatives to enhance the maturity and efficiency of risk and compliance capabilities.
• Sponsor and support IT wide risk, compliance, and security awareness programs.

##POSITION SCOPE

• Oversee IT risk and compliance activities across all business units, systems, and technology domains.
• Lead managers who oversee teams of subject matter experts in areas such IT risk, controls, compliance, and third‑party risk.
• Own the enterprise IT risk management program, compliance program, and associated governance committees.
• Manage budgets, resource planning, and vendor relationships for risk and compliance functions.
• Lead multi‑year roadmaps to strengthen controls, reduce risk exposure, and improve compliance efficiency.
• Provide updates to IT leadership and executive committees on risk posture, compliance status, and emerging issues.

##KEY ACCOUNTABILITIES

• Accountable for the accuracy and completeness of the organization’s IT risk profile.
• Ensure adherence to applicable regulatory, contractual, and industry requirements.
• In partnership with IT leaders, own the outcomes of internal and external audits, including remediation planning and timely closure of findings.
• Ensure policies, standards, and procedures are current, effective, and consistently applied.
• Develop managers and ensure high performance across risk and compliance teams.
• Provide clear, actionable insights to senior leadership and board committees.
• Ensure risk acceptance, mitigation, and transfer decisions follow governance processes and are properly documented.

KEY SUCCESS MEASURES

• Establishment of an effective IT Risk framework.
• Establish effective Key Risk Indicators and ensure they are aligned with IT.
• On time remediation of all high-risk compliance findings.

WHAT YOU WILL HAVE

• Bachelor’s degree or equivalent in information technology, or related field.
• 10+ years of progressive experience in IT risk management, compliance, or governance.
• 5+ years of leadership experience, including managing managers and multi‑disciplinary teams.
• Strong budgeting, forecasting, capital planning, and benefits-realization capabilities.
• Proven ability to build and lead high-performing teams while fostering a culture of collaboration, accountability and trust.
• Strong strategic thinking and data-driven decision making skills.
• Deep knowledge of frameworks such as SOC, COBIT, and regulatory requirements relevant to the organization.
• Experience leading IT‑wide risk or compliance programs in complex environments.
• Excellent communication and relationship building skills with the ability to influence at all levels, including executives.
• Demonstrated change leadership; guiding teams through transformation with resilience, clarity, and empathy.
• A forward-looking, innovative, and adaptable mindset with the ability to anticipate organizational needs.
• Demonstrated curiosity and commitment to lifelong learning; actively exploring new ideas, asking questions, and seeking knowledge to fuel innovation.
• Ability to thrive in dynamic environments, adapt quickly to shifting priorities while guiding others to embrace new ways of working with empathy, patience, and persistence.
• Ability to inspire and develop talent; build high performing, engaged teams through coaching, mentoring, and accountability.
• Demonstrated strengths in negotiation, budgeting, planning, organizing, and delegation.
• Experienced in partnering with senior leaders to shape and deliver strategies that drive measurable results.

##COMPETENCY MATRIX

Strategic thinking

• Description – Ability to align portfolio decisions with enterprise strategy.
• Proficiency level – Advanced.
• Evidence – Demonstrated in portfolio alignment outcomes.

Leadership

• Description – Builds high-performing teams and leads change.
• Proficiency level – Advanced.
• Evidence – Feedback, team outcomes.

Analytical skills

• Description – Use critical thinking and data for decisions and forecasting.
• Proficiency level – Advanced.
• Evidence – Dashboard use, forecasting accuracy.

Collaboration

• Description – Works across business units effectively.
• Proficiency level – Advanced.
• Evidence – Cross-functional success cases.

BEHAVIORAL INDICATORS

Strategic thinking:

• Consistently anticipate enterprise impacts before decisions are made.
• Connects portfolio choices to external market and organizational context.

Leadership:

• Model calm, confident leadership during ambiguity.
• Actively coach team members and builds successors.

Analytical skills:

• Employ critical thinking, leveraging data to challenge assumptions and drive prioritization.
• Simplify complex information for executive decision making.

Collaboration:

• Proactively seek alignment across business functions.
• Resolve conflicts by focusing on outcomes, not positions.

This position will remain open until a suitable candidate is selected.

Alberta Blue Cross® is an inclusive employer committed to a workplace that reflects the diversity of the communities we serve. We empower and are advocates for our team members by welcoming, respecting and valuing their unique perspectives, backgrounds, and experiences.

We offer the opportunity to work in an innovative, high-energy team-focused environment. If you have the qualifications we are looking for, apply online at careers.ab.bluecross.ca