About

• Next Horizon is here. Fueled by investments in talent and technology, our bold strategy to transform is nearly complete.
• At Gore Mutual, we’ve always set ourselves apart as a modern mutual that does good. Now, we’re proudly building on that legacy to transform our company—and our industry—for the better.
• Our path forward sharpens our focus on business performance, driven by leading technology, innovation and an agile, high-performing culture. With Gore Mutual and Beneva announcing their intent to merge in 2026, we’ll be uniting two well-established, financially strong, and trusted brands to become the strongest mutual insurer in Canada, ensuring Canadians have purpose-driven insurance options for generations to come. Come join us.
• Reporting to the Manager, Operational Risk Management, the Risk Analyst will primarily support the delivery of the Company’s Operational Risk Management (ORM) Program and be a backup for the Manager of Operational Risk Management. As part of the Enterprise Risk Management (ERM) team, this team member will collaborate with Procurement, and Business Units, to primarily support the fostering of strong partnership across the organization to strategically identify, assess and mitigate operational risks under the ORM Program and the enhancement of the Company’s operational resilience.
• What will you do?
• Support the delivery of a robust ORM Program – 25% of time
• Maintain the central repository and solicit updates from business units on key risk indicators, risk events, issues, audit findings, and mitigation plans in the Onspring GRC System.
• Support the annual refresh and update of Risk and Control Self-Assessments and Risk Register.
• Support the documentation and implementation of enterprise risk management programs.
• Liaising with first line business partners and acting as a resource to field questions.
• The Risk Analyst will be a backup for the Manager, Operational Risk Management and support Chief Risk Officer, and Manager, Cyber and Technology Risk Management, on an as required basis.
• Special projects and other duties as required.
• ​​Supporting Third-Party Risk Management Program – 25% of time​
• Update the central inventory of third-party suppliers through the risk assessment in the Procurement cycle.
• Support the documentation and implementation of third-party risk management requirements, including the collection and assessment of due diligence documentation based on the risk for each third-party.
• Support development and implementation of controls to monitor and challenge concentration risks, subcontractor risks, cyber risks, and cloud security risks.
• Special projects and other duties as required.
• Supporting Enterprise Continuity Risk Management (ECM) Program – 25% of time
• ​​Maintain and follow up with first line stakeholders to update the central ECM inventory of Business Unit and Functional Area business impact assessment (BIA) documentation.
• ​Maintain and follow up with first line stakeholders to update the central ECM inventory of Business Unit and Functional Area business impact analysis business continuity plans (BCP).
• ​Collaborate with Communications to review their execution of Crisis Communications plan and call tree testing.
• ​Collaborate with IT to assess the effectiveness of BIAs and BCPs to support IT and Disaster Recovery.
• ​Reporting quarterly on the status of plans and program KRIs. ​
• ​​Second line Control Monitoring and Testing – 15% of time ​
• ​​Collect Business Process Mapping of controls to validate adequate risk policies and procedures.
• ​Conduct ongoing gap analyses to assess changing regulatory and risk environment.
• ​Testing a sampling of controls to confirm completeness and assess effectiveness. ​
• ​​Supporting Growth of the Risk Culture – 10% of time​
• ​​Establish, build, and maintain collaborative relationships with business partners, promoting a risk-aware culture.
• ​Support the Risk Champions Network through collaborative relationships with business partners and promotion of risk awareness and training.
• ​Supporting development of future Operational Risk Programs, including model risk management, records management, etc. ​
• What will you need to succeed?
• Undergraduate degree in finance, business administration, legal or public policy. Chartered Insurance Professional (CIP) considered an asset, CRM Required and CBCP mandatory
• 2-5 years of experience in financial services
• 2+ years of operational risk management experience
• 1+ years of third party or vendor management
• 1+ years of business continuity management
• Cybersecurity and technology risk management is an asset
• The ideal candidate will demonstrate strong facilitation and initiative, adaptability to change, confident and professional business interactions, attention to detail with sustained focus, exceptional writing and editing ability, proficiency in Microsoft Office (with Onspring experience as an asset), and the capacity to influence others, analyze business processes, execute with speed and effectiveness, and prioritize tasks at a high level.
• #LI-Hybrid
• Accessibility for applicants
• Gore Mutual Insurance Company is committed to providing accommodations for people with disabilities during all phases of the recruiting process, including the application process.
• If you require accommodation because of a disability, we will work with you to meet your needs. Contact us and a human resources representative will consult with you to determine an appropriate accommodation.
• Should you request an accommodation during the interview process, please notify your Talent Acquisition Consultant.