IT Governance

Job Description

IT Governance & Risk Analyst – Software Asset Management



Exciting opportunity in the insurance industry for a Governance and Risk Analyst specializing in Software Asset Management. Work on high-impact projects aligning with OSFI regulations, manage compliance frameworks, and enhance risk reporting. Hybrid role in Toronto using ServiceNow, SAM Pro, and CMDB tools.



What is in it for you:




• Salaried: $60-70 per hour.


• Incorporated Business Rate: $70-80 per hour.


• 4-month contract with the potential for permanent employment.


• Full-time position: 37.50 hours per week.


• In-office presence required from Tuesday to Thursday.


• Remote work available on Mondays and Fridays.



Responsibilities:




• Develop a comprehensive Software Risk and Governance Framework aligned to internal Standards 031 and OSFI regulatory expectations.


• Define governance structures including accountability, risk ownership, and escalation paths.


• Implement compliance monitoring mechanisms and conduct periodic reviews and self-assessments.


• Lead internal and external audit coordination related to software risk, cybersecurity, and governance.


• Collaborate with cybersecurity teams to align vulnerability management and resilience testing with federal guidelines.


• Create and maintain governance dashboards tracking control maturity, risk indicators, and OSFI compliance.


• Report governance metrics and risk remediation progress to senior leadership.


• Continuously enhance governance practices in line with updates to OSFI guidelines (B-10, B-13, E-21).


• Maintain software license recognition and validation within SAM Pro and ServiceNow.


• Coordinate with cross-functional teams to ensure asset compliance and accuracy in the CMDB.


• Support project coordination efforts within the Software Asset Management team.



What you will need to succeed:




• Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field.


• Certified Software Asset Manager (preferred).


• 3–7 years of experience in technology risk, IT compliance, software governance, or cybersecurity.


• Strong knowledge of OSFI regulations and associated governance frameworks.


• Experience designing governance models, policies, and maturity controls.


• Familiarity with ServiceNow modules and CMDB.


• Hands-on experience with SAM Pro software asset management tools.


• Knowledge of GRC platforms such as ServiceNow GRC, Archer, or OneTrust (preferred).


• IT Asset Management and audit background (preferred).


• Excellent analytical, documentation, and governance design skills.


• Clear communicator with the ability to influence stakeholders across functions.


• Detail-oriented and experienced working in regulatory environments.


• Self-starter and creative thinker who thrives in a collaborative setting.



Why Recruit Action?



Recruit Action (agency permit: AP provides recruitment services through quality support and a personalized approach to job seekers and businesses. Only candidates who match hiring criteria will be contacted.



# MFCJP