Technology Governance & Risk Analyst

Libro Credit Union is growing!  

Join Libro Credit Union as a full-time Technology Governance & Risk Analyst 

At Libro Credit Union, every employee and every customer are members. Everything we do is about strengthening financial well-being for a better tomorrow.  

As a Certified B Corporation©, we use business as a force for good. That means:

• Empowering people to live their most fulfilled lives.
• Supporting businesses and communities to thrive.
• Caring for the planet and economic growth through sustainable practices. 

Libro invests in our employee’s development and career ambitions. We value candidates who are accountable, courageous, inclusive, driven to perform and have a passion for supporting people, local business and communities in strengthening their financial well-being. 

We are currently hiring a full-time Technology Governance & Risk Analyst to support our IT Department. This job posting is for a newly created position and is eligible for flexible work, with an expectation to be at the London Admin office a few times a month.

The Technology Governance & Risk Analyst supports the development, implementation, and first-line oversight of technology governance, risk, and compliance activities within the IT environment. This role requires a strong foundation in IT and technology operations to effectively define standards, assess controls, and evaluate technology risks. Each analyst will have an assigned area of specialization (for example: cybersecurity and infrastructure, or application development, AI, data, and platforms), while operating within a consistent enterprise-wide Governance, Risk and Compliance framework.  

This role operates as a first line function within the Information Technology department, with Enterprise Risk Management providing second line oversight, methodology, and independent challenge. The role works closely with IT and business teams to help ensure standards are defined, controls are operating as intended, risks are identified and managed, and audit and assessment activities are coordinated and tracked. The role is focused on oversight, coordination, and validation rather than hands-on technical execution.  

The Role: 

• Support the development, maintenance, and periodic review of IT standards within the analyst’s assigned area of specialization, ensuring alignment with approved policies, regulatory expectations, and industry best practices. 
• Collaborate with technical teams to ensure standards are practical, current, and clearly documented.
• Perform first-line control monitoring activities within the assigned domain to assess compliance with IT standards and defined control requirements.  
• Review evidence, metrics, and reporting to confirm controls are operating consistently and escalate identified gaps or areas for improvement as appropriate. 
• This monitoring supports management oversight within IT, with Enterprise Risk Management providing independent second-line oversight and challenge.
• Coordinate and support audits and assessments relevant to the assigned area of specialization, including internal audits, external audits, and third-party or regulatory reviews.  
• Act as a central point of coordination for evidence collection, responses, and follow-up activities.
• Act as a technology risk subject matter expert and advisory function for new initiatives, facilitating and supporting technology risk assessments related to changes, initiatives, and ongoing operations within the assigned domain. 
• Assist with identifying risks, documenting impacts and mitigations, defining control requirements, and ensuring assessments align with established risk methodologies, governance processes, and the New Initiative Risk Assessment and approval process.
• Coordinate, track, and support remediation activities resulting from audits, assessments, and control reviews.  
• Maintain accurate tracking of open issues, follow up on remediation progress, and support management reporting and escalation as required. 

What We’re Looking For: 

• Diploma or degree in Information Technology, Computer Science, Information Systems, or a closely related technical field.
• Degrees focused primarily on risk or compliance may be considered only when combined with demonstrated hands-on IT experience.
• 3 to 6 years of experience working in an IT environment, with direct exposure to technology operations, systems, applications, infrastructure, platforms, or cloud environments
• Experience applying governance, risk, compliance, audit, or security practices within an IT context
• Experience working with IT teams across one or more domains (for example: infrastructure, cybersecurity, application development, data, platforms, or cloud)
• Experience supporting or coordinating audits, assessments, or regulatory reviews, including evidence collection and issue tracking
• Experience facilitating or supporting risk assessments related to technology, changes, or third parties
• Experience working in a regulated environment is an asset (for example financial services, credit unions, or public sector)
• Demonstrated knowledge of technology risk and control frameworks (for example COBIT, NIST, ISO 27001, or similar)
• Strong understanding of IT architecture, system components, and operational practices sufficient to draft meaningful standards and define control requirements
• Understanding of IT control areas such as access management, logging, patching, vulnerability management, and change management
• Familiarity with third-party risk management practices
• Experience with GRC tools, issue tracking, or risk registers
• Strong documentation, coordination, and stakeholder communication skills
• This role requires a strong foundation in IT and technology operations; risk and compliance expertise can be developed, but hands-on understanding of IT environments is essential.
• A relevant professional certification or designation in areas such as technology audit, information security, risk management, governance, compliance, or IT service management, or active pursuit of such a certification (Preferred)
• A passion for helping people grow their financial well-being.  
• Display Libro’s values of Accountability, Courage, High Performance and Inclusive Mindset. 

We Offer Total Reward Programs to Set You Up for Success In & Outside of Work: 

• Competitive salaries, benefit packages, pension plans, & incentive programs, that value your dedication.
• Generous vacation time.?
• Employee wellness program, Employee & Family Assistance Program, fitness club discounts, technology offers, travel and entertainment deals. ?
• Dedicated staff banking specialists to support strengthening your own financial well-being! Staff accounts and staff rates on products and services.?
• We believe in developing internal talent. Unlock your potential with tuition assistance and opportunities for advancement. 

If you're passionate about helping your community, interested in being part of a remarkable team, and want to do your part to strengthen financial well-being for a better tomorrow - we want to hear from you! 

Libro is committed to fostering a safe, healthy, and inclusive work environment that inspires respect.  As an inclusive employer we are committed to providing a fully accessible recruitment process.  Email us at careers@libro.ca any time during the recruitment process to let us know what supports you may need to be successful. 

Please note the expected salary range for this role is available on the Libro Careers site, where candidates are required to apply.