About this opportunity

At Meridian our aspiration is to integrate our purpose into everything we do for people, the planet, and communities. We believe that our greatest opportunity is to create opportunity and meet people where they are.

The IT Risk Oversight Specialist is a member of Meridian Credit Union’s Risk Management Team. The IT Risk Oversight Specialist is responsible to build, own, and manage an IT risk oversight program providing analysis, independent oversight reporting, and overall second line oversight and effective challenge of Meridian’s IT Governance and Information Security programs. The role will act as a trusted business advisor to internal partners with respect to IT risk management best practices, processes, and procedures.

Key Responsibilities

IT risk oversight:

• Lead/participate in all internal and external IT Audit and assessment activities. This includes working with the IT Governance and InfoSec team to develop, communicate, and maintain an annual audit plan and schedule, working with executives, senior management, IT subject matter experts, and third-party auditors and assessors.
• Work with Internal Audit Services and External Auditors on planning and executing audit engagements, including independent control testing as appropriate.
• Monitor and track IT Audit management commitments and remediation activities to ensure commitment dates are met.
• Oversee the centralized tracking of internal IT & InfoSec documentation to meet regulatory objectives (e.g. COBIT, ISO), ensuring all documentation required for audit and assessments are maintained and kept updated on required cycles.
• Develop, maintain, collect, challenge, and oversee metrics related to 1st line activities.

Oversight of IT Governance and InfoSec function:

• Create and maintain second line of defence oversight role, program, responsibilities, and processes related to IT Governance and InfoSec’s management of IT and Information Security risks.
• Partner with IT Governance and InfoSec to actively contribute to the development of IT risk policies, frameworks, and mandates.
• Monitor IT and Information Security measures and key risk indicators and review and challenge IT Governance and InfoSec's functional designs, data, and processes.
• Assess the adequacy of IT and Information Security risk appetite and recommend updates.
• Participate in risk policy and metrics development and maintenance.
• Report on Meridian’s compliance with Policies, risk appetite, etc. to Meridian management and Board of Directors.

Enterprise-wide risk programs:

• Support Risk Leadership in the management and execution of several enterprise-wide risk programs that have a strong focus on IT risk elements, including:
  • Enterprise Risk Management (“ERM”) programs, including quarterly ERM assessments, risk appetite setting/monitoring, and initiative risk assessments.
  • Operational Risk Management Framework;
  • Business Continuity Management Program, including elements of the Crisis Management Team (“CMT”) and Computer Security Incident Response Team (“CSIRT”); and
  • Scenario analysis, including inputs to the Internal Capital Adequacy Assessment Process (“ICAAP”)
• Assist with the completion of Risk and Control Self-Assessments (“RCSA”) for IT and related departments.
• Support and manage the broader IT risk management programs of all Meridian subsidiaries as required.

AI and Data oversight:

• Support Risk Leadership to develop/maintain the framework through which AI and Data risks are identified and assessed by the 2nd line.

• Maintain close relationships with Enterprise Analytics & Data team to provide oversight of AI and Data risk management programs.

• Oversee and provide reporting to management and the Board of Directors on the overall status of AI and Data risk management as needed.

Knowledge, Skills, and Abilities

• Experience related to IT governance/risk functions.

• Working knowledge of industry IT frameworks, such as COBIT and ISO 27001 & 27002.

• Knowledge of FSRA and OSFI regulation on IT and Information Security.

• Strong verbal communication and training skills with ability to facilitate a mix of technical teams and Senior Management.

• Strong interpersonal skills; able to interact independently (with minimal supervision) and competently with all levels of management, staff, and vendors.

• Ability to develop and maintain strong internal and external relationships.

• Strong written communication skills with ability to write clear, easy to understand work (policy, procedures, plans, and technical documentation).

• Strong analytical and methodological skills with attention to detail

• Strong time management skills; able to prioritize and plan workload, meet deadlines in a dynamic, fast-paced environment, and adapt to changing business needs.

• Service oriented and customer focused, with a passion for recognizing and introducing process improvement initiatives.

• Professional, subject matter expert with experience to be a highly effective internal consultant.

Education, Designations, Training, and Experience

• 5 years related industry/professional experience, with preference for 3+ years previous experience in an IT environment.

• A minimum of 3 years proven experience and knowledge of business and project management principles, methods, and techniques.

• Degree or diploma preferably in Business or Information Technology (or acceptable equivalent), with working knowledge of IT and COBIT principles and practices.

• Comfort learning and adopting new digital tools, with an openness to using AI‑enabled technology to enhance productivity, accuracy, and the Member experience.

This role represents an existing vacancy. Internal candidates are being considered as part of our standard process.

Salary Range: CAD**$68,800.00 to $103,200.00****annually.**

Compensation for this role is based on a combination of skills, experience, and internal equity. Candidates with stronger alignment to the role’s requirements may be placed higher within the range. Your recruiter will share more information about our total rewards package during the hiring process.

Office Location: St. Catharines Corporate Office, located at 75 Corporate Park Drive, St. Catharines, ON. or Toronto Corporate Office located at 3280 Bloor St W, Etobicoke, ON.

Meridian has a remote work policy that allows flexibility for employees to work remotely but also requires regular time in the office for purposeful meetings to collaborate, innovate and build effective relationships with your team, your colleagues and your leader which is very important to us.

What's in it for you?

• We have an inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success

• We provide you with the tools and technology needed to delight your candidates and clients

• You'll get to work with and learn from diverse industry leaders

• Hybrid work arrangements with in-person office time to collaborate, innovate and build relationships with your colleagues

• This isn't your typical "corporate" job. We work hard and we have fun!

Build the Future of Banking with Us

At Meridian, we’re not just adapting to the future—we’re shaping it. We see talent as a catalyst forsustainable growth,community impact, andfuture-readiness. As the financial landscape evolves, we’re looking for team members who bring:

-Embedding & leveraging technology– Confidence and willingness to learn and integrate AI and emerging technologies into new ways of working. Experience with low/no code tools like the Microsoft Power Platform and generative AI productivity tools like Microsoft Copilot is considered an asset -Critical Thinking– The ability to analyze, evaluate and interpret information from various sources and apply logic and problem solving to make decisions. -Data Driven– Leverage data and insights to identify, prioritize and improve member experience and business efficiency. -Curiosity & Flexibility– Comfortable navigating and embracing change and uncertainty, ask more questions, explore more options. Continuously learn and grow.

Who we are:

Meridian is Ontario’s largest credit union, and second largest in Canada, helping to grow the lives of our more than 380,000 Members. Meridian has more than 80 years of banking history and is 100% owned by its members. With 87 retail branches and 15 Business Banking Centers across Ontario and $ 32B in assets under management, Meridian offers a full range of financial products and services to its retail, business banking and wealth members. With over 2200 employees and corporate offices located in Toronto and St. Catharines, Meridian has a track record of creating and delivering innovative new offerings and is committed to investing in the communities that we serve. Our plan is to build on our momentum as we deliver on our purpose - helping our members achieve their best life.

Find our story here: About Meridian

Experience the Difference!

Meridian committed to promoting an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to employing a workforce that reflects the diversity of our communities and Members in which we live and serve.

Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, or disability.

Please note that due to the volume of applications, only those under consideration will be contacted for an interview.

Thank you for your interest in Meridian Credit Union.

Follow us on Twitter at

@MeridianCareers

Connect with us on LinkedIn

Meridian only posts jobs on our official Careers Site, LinkedIn, and Indeed. If you find a Meridian job posting on any other site, please verify it by ensuring it directs back to our official career page. Meridian never asks candidates to apply through third‑party links that do not redirect to our Careers portal (UltiPro). For more tips on how to protect yourself from job scams visit Protect yourself from job scams | Meridian.

#LI-TJ1

#LI-HYBRID