Job Description

End Date: September 26, 2025
At CAAT, we're passionate about what we do. And it shows!



Here, you'll find a cultural spark in everything we do - from the way we partner with members and employers, to the way we work, collaborate, and grow. It doesn't just feel different at CAAT. It is different. We're one of the fastest-growing pensions in the country for a reason. We challenge the status quo, making a real impact on the hundreds of employers we serve - from education institutions to major corporations and household brands. And we're just getting started. Driven by core values and a shared purpose, we're fierce champions for better retirement security, known for our can-do culture where everyone plays a role in bringing our vision to life. If this sounds like a fit, we'd love you to be a part of it.

About the Role:

The

Senior Manager, Cyber Risk and Compliance - Emerging Risks

is a hands-on leadership role that will be accountable for the implementation and operationalization of cyber and technology risk programs related to advanced technologies such as artificial intelligence (AI), machine learning (ML), quantum computing, and other disruptive innovations. The role is responsible for maintaining and implementing policies, standards, and controls to mitigate risks associated with emerging technologies while ensuring compliance with regulatory obligations and alignment with CAAT's Enterprise Risk Management (ERM) and Cybersecurity framework.

As the Newest Member of our Team, You'll:

Lead cyber risk programs across AI, quantum, and disruptive technologies. Execute audit cycles (ISO 27001, SOC 2), manage evidence, and track remediations. Apply frameworks like ISO/IEC 42001 and NIST AI RMF to next-gen platforms. Conduct technical risk assessments across infrastructure and AI systems. Develop and report KPIs/KRIs with performance dashboards and scorecards. Lead red/purple team simulations for GenAI or quantum risk exposure. Evaluate third-party platforms and vendor integrations for AI-related risk. Collaborate with Legal, Compliance, AI Engineering, and Architecture teams. Maintain and operationalize ISMS per ISO 27001 standards. Drive cyber education programs and security awareness across departments. Mentor cybersecurity and GRC staff; ensure documentation and execution excellence. Present risk and compliance findings to auditors, regulators, and senior leadership.

Core Domains of Expertise:

AI/ML Risk Management: Model security, threat modeling, bias testing, adversarial robustness Quantum & Emerging Tech Risk: Cryptographic modernization, post-quantum preparedness Cyber Risk & Compliance: ISO 27001, PCI-DSS, SOC 2, NIST frameworks, audit lifecycle, ERM integration, NIST AI RMF, MITRE ATLAS Resiliency: Response simulations, BCP/DR planning, cyber insurance validation Governance & GRC alignment: Policy enforcement, ERM integration, metrics reporting Third-party & cloud risk: Vendor audits, SaaS reviews, hybrid/on-prem environments Secure design: SSDLC, Zero Trust, secure AI architectures

To Succeed, You Bring:

Bachelor's in computer science, Cybersecurity, or related field. CISSP or CISM, CISA Certifications and ISO 27001 Lead Implementer or Auditor required. 12+ years in cybersecurity, compliance, and audit across financial or regulated industries Proven audit leadership across ISO 27001, SOC 2, NIST, PCI-DSS frameworks. Experience with GenAI/LLM platforms, synthetic data, agentic AI controls. Strong grasp of AI security controls and post-quantum cryptology readiness. Industry familiarity with pensions, financial services, or insurance preferred. CRISC, CGEIT, CEH, CAISP, CIPP/CIPM, or equivalent would also be an asset.

At CAAT, we believe innovation, passion, and purpose are ingredients for a great work environment. We're incredibly proud of our people and the remarkable impact they have as catalysts for change. We're committed to attracting and keeping great talent, which means competitive compensation, exceptional benefits, and an environment where people can grow and thrive. When you work with CAAT, you'll enjoy:

Opportunities to Build a Better You:

We never stand still. As we grow, so do you. Enjoy a place that provides endless opportunities to learn and master your skills while cultivating new ones.

Comprehensive & Holistic Care:

Be at your best with a Total Rewards program that feeds and prioritizes your physical, mental, and financial wellness. From flexible work arrangements, comprehensive benefits to wellness incentives, and a defined benefit pension plan - we have you covered.

A Place to Collaborate and Win:

We've built a lively environment where creativity and open communication thrive. It's why we're consistently recognized as one of 'Canada's Most Admired Corporate Cultures', one of 'Greater Toronto's Top Employers', and one of the 'Best Places to Work'*.

Work that Truly Matters.

You're giving Canadians the opportunity for better retirement security, and organizations the chance to do more.


If you believe that Canadians deserve a future where a secure lifetime retirement income contributes to their financial and overall well-being, then CAAT could be the right fit for you. Start your journey with us today. Apply now.


Learn more about us by visiting www.caatpension.ca/careers

Diversity, Equity, Inclusion, and Belonging (DEIB):

DEIB at CAAT means we respect and value the broadest range of experiences, geographies, gender, ethnicities, backgrounds, and perspectives as key elements of our culture. Our vision is to provide an environment where employees can bring their best, professional, authentic, selves to work.

CAAT Pension Plan is an equal opportunity employer, and we will accommodate any needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code. Hiring processes will be modified to remove barriers to accommodate those with disabilities, if requested. Should any applicant require accommodation through the application processes, please contact us at hr@caatpension.ca or call Human Resources at 416-673-9000 for assistance.