System Governance Specialist

About the role

Reporting to the Chief Technology Officer, the System Governance Specialist plays a critical role in strengthening the organization's control environment by bridging audit, risk, and technology. This role requires an individual who combines hands-on audit experience with strong technical acumen, enabling them to interpret audit findings, assess control gaps, and drive meaningful remediation actions across systems and platforms. The role is accountable for establishing and operating a cohesive governance function across Information Services & Digital Solutions (ISDS), combining hands-on execution with strategic advisory. The role serves as the central point of integration for audit, risk, and control activities, while translating these inputs into clear, decision-ready insight that informs ISDS leadership prioritization, trade-offs, and operational direction. While maintaining responsibility for technology governance processes, including risk registers, audit coordination, and reporting, the role elevates governance beyond coordination by identifying systemic risks, challenging assumptions, and providing actionable recommendations that strengthen control effectiveness, improve resilience, and align technology risks with enterprise risk visibility. This role ensures technology risk is not only well-governed, but meaningfully integrated into enterprise risk visibility, complementing Enterprise Risk Management and Internal Audit while influencing outcomes across both. Key Duties and Responsibilities Proactive Risk Assessment and Control Advisory Provide forward-looking risk insight by identifying emerging technology, operational, and vendor risks and advising leadership on potential impacts and mitigation strategies. Translate complex risk, audit, and operational data into decisive, outcome-oriented recommendations that shape prioritization, funding, and execution trade-offs. Advise leadership on risk acceptance, mitigation strategies, and residual exposure during transformation initiatives, major programs, and operational changes. Challenge existing control environments by identifying systemic weaknesses, root causes, and opportunities for standardization across ISDS. Drive alignment between ISDS risk practices and enterprise risk frameworks, ensuring technology risks are consistently positioned within enterprise risk discussions. Analyze audit findings and translate them into clear, actionable control remediation plans. Proactively advise product managers and business lines on controls that should be embedded into systems and processes to mitigate risk. Ensure controls are not only documented but effectively implemented within platforms and workflows. Governance, Risk, and Audit Coordination Own the evolution of the ISDS Risk Register into a decision-support tool, incorporating trend analysis, systemic risk identification, and prioritization aligned to business impact. Convert audit findings and assessments into enterprise-relevant themes, addressing root causes rather than isolated issues. Act as the authoritative interface between ISDS and Audit & Risk, influencing how technology risks are represented, interpreted, and escalated. Shape enterprise risk reporting by ensuring technology risks are clearly articulated, appropriately prioritized, and connected to broader organizational risk themes. Prepare consolidated ISDS risk inputs for quarterly and annual organizational risk reporting cycles. Work closely with audit, risk, and technology teams to interpret audit recommendations and define appropriate technical and operational responses. Provide specific, practical guidance to engineering and product teams on how to implement control improvements, not just coordinate activities. Track and report on remediation progress, ensuring clear communication with internal and external auditors. Develop a strong understanding of OSC's systems and platforms and how controls operate within them. Assess system designs and configurations to ensure alignment with control requirements and risk management standards. Act as a trusted advisor to

Benefits

Additional Information

Department Regular, Full time Closing Date: June 17, 2026 The Ontario Securities Commission (OSC) is the statutory body responsible for regulating Ontario's capital markets in accordance with the mandate established in the provincial Securities Act and the Commodity Futures Act. The mandate of the OSC is to provide protection to investors from unfair, improper or fraudulent practices, to foster fair, efficient and competitive capital markets and confidence in the capital markets, to foster capital formation, and to contribute to the stability of the financial system and the reduction of systemic risk. This mandate is performed through policy, operational, and enforcement activities. The OSC also contributes to national and global securities regulation development. We offer a diverse, fair, and flexible work environment and take pride in our challenging and rewarding work.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at osc? Share your experience