IT Governance, Risk, and Compliance Manager
2 weeks ago
This role will have an exciting opportunity to be responsible for the implementation and on-going management of an ISO 27001 program and additional IT policies and procedures.
The IT Governance, Risk, and Compliance (GRC) Manager will be responsible for assessing, documenting, and strengthening the institution’s compliance and risk posture. This includes the planning and implementation of policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data. The GRC manager will work closely with all areas of the organization, vendors, and the IT team to lead and manage the governance, risk and compliance related activities as described below.
KEY RESPONSIBILITIES
- Assess and document the institution’s compliance and risk posture as they relate to its information assets and operating models across the business units.
- Provide highly skilled, hands-on technical and information security expertise to enhance the development and implementation of the information security management (ISMS) program. The GRC Manager will be accountable for identifying, developing, and implementing the necessary controls to ensure the organization’s ISMS program remains robust and current for the firm.
- Accountable to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards, and guidelines.
- Operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
- Operate with a high degree of independence regarding project management activities, including development of project plans and budget/resource estimates.
- Setup a third-party vendor review process to ensure initial and ongoing compliance with our ISO 27001 standards.
- Improve the organization’s security posture through continuous process improvement, policies automation, testing and monitoring.
- Defines and documents business process responsibilities, ownership, exceptions and risks in a GRC tool.
- Develops reporting metrics, dashboards, and evidence artifacts, illustrating the effectiveness of the controls implemented.
- Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports.
- Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
- Assists other staff in the management and oversight of IT security program functions.
- Remains current on best practices and technological advancements and acts as the organization's technical resource for security assessment and ISO 27001 compliance.
Requirements
KEY QUALIFICATIONS
- Minimum 7+ years of Information Security GRC related experience
- Strong understanding of the ISO 27001 information security framework.
- Demonstrated experience with Information Security Risk Management Programs, specifically helping to define an IS risk register which includes identifying threats and risks to the organization.
- Skilled in identifying and measuring Key Performance Indicators and Key Risks Indicators.
- Experience managing IT security programs in cloud -centric organizations.
- Experience with key cloud providers and their respective IAM security products/solutions.
- Excellent communication and relationship management skills with business stakeholders to identify and address top security risks.
- Experience with leading discussions, establishing outcomes, and negotiate paths forward with stakeholders.
- Excellent analytical and problem-solving skills with attention to detail.
- Proficiency in project management and experience in people leadership
- Ability to evolve security strategy based on research, data, business direction, and industry trends.
- Able to meet timelines.
CORE COMPETENCIES
- Being Authentic –Inspiring trust and being courageous.
- Focusing on Performance –Being accountable and driving results.
- Understanding Stakeholders – Knowing the needs of those who rely on you.
- Building Effective Relationships – Collaboration and communication.
LOCATION
The position can be based out of either the Toronto or Oakville office.
Fengate is an equal opportunity employer, we strive to attract and retain a diverse workforce and are committed to promoting diversity, equity, inclusion, and belonging in the workplace. It is a core priority at Fengate to create, operate with, and continuously grow and sustain an inclusive culture that respects and connects the diversity of our team, our clients, our partners, and the communities we work in.
We are committed to providing accommodation for persons with disabilities. If you require accommodation, we will work with you to meet your needs.
We thank all applicants for their interest in this position; however only candidates selected for an interview will be contacted.
Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr-
IT Governance, Risk, and Compliance Manager
1 week ago
Old Toronto, Canada Fengate Asset Management Full timeIT Governance, Risk, and Compliance ManagerThis role will have an exciting opportunity to be responsible for the implementation and on-going management of an ISO 27001 program and additional IT policies and procedures.The IT Governance, Risk, and Compliance (GRC) Manager will be responsible for assessing, documenting, and strengthening the institution’s...
-
Governance Risk and Compliance Specialist
1 week ago
Toronto, Canada LeverageTek IT Solutions Full timeOpportunity Details LeverageTek is actively seeking a Governance Risk and Compliance Specialist (GRC) – Technology and Enterprise Risk for a permanent position with its Ottawa-based customer. Work Location Hybrid preferred (1x/week onsite) or Remote (ON/QC) Key Tasks Deliver new security program capabilities by leading IT security, GRC, and cloud...
-
Governance Risk and Compliance Specialist
1 week ago
Toronto, Canada LeverageTek IT Solutions Full timeOpportunity Details LeverageTek is actively seeking a Governance Risk and Compliance Specialist (GRC) – Technology and Enterprise Risk for a permanent position with its Ottawa-based customer. Work Location Hybrid preferred (1x/week onsite) or Remote (ON/QC) Key Tasks Deliver new security program capabilities by leading IT security, GRC, and cloud...
-
Governance Risk and Compliance Specialist
1 week ago
Toronto, Canada LeverageTek IT Solutions Full timeOpportunity Details LeverageTek is actively seeking a Governance Risk and Compliance Specialist (GRC) – Technology and Enterprise Risk for a permanent position with its Ottawa-based customer. Work Location Hybrid preferred (1x/week onsite) or Remote (ON/QC) Key Tasks Deliver new security program capabilities by leading IT security, GRC, and cloud...
-
Governance Risk and Compliance Specialist
1 week ago
Toronto, Canada LeverageTek IT Solutions Full timeOpportunity DetailsLeverageTek is actively seeking a Governance Risk and Compliance Specialist (GRC) – Technology and Enterprise Risk for a permanent position with its Ottawa-based customer.Work LocationHybrid preferred (1x/week onsite) or Remote (ON/QC)Key TasksDeliver new security program capabilities by leading IT security, GRC, and cloud technology...
-
Governance Risk and Compliance Specialist
7 days ago
Toronto, Canada LeverageTek IT Solutions Full timeOpportunity DetailsLeverageTek is actively seeking a Governance Risk and Compliance Specialist (GRC) – Technology and Enterprise Risk for a permanent position with its Ottawa-based customer.Work LocationHybrid preferred (1x/week onsite) or Remote (ON/QC)Key TasksDeliver new security program capabilities by leading IT security, GRC, and cloud technology...
-
IT Governance, Risk, and Compliance Manager
Found in: Jooble CA O C2 - 1 week ago
Toronto, ON, Canada Fengate Asset Management Full timeIT Governance, Risk, and Compliance Manager This role will have an exciting opportunity to be responsible for the implementation and on-going management of an ISO 27001 program and additional IT policies and procedures. The IT Governance, Risk, and Compliance (GRC) Manager will be responsible for assessing, documenting, and strengthening the...
-
Governance Risk and Compliance Specialist
Found in: Adzuna CA C2 - 1 day ago
Toronto, ON, C6A, Ontario, Canada LeverageTek IT Solutions Full timeOpportunity DetailsLeverageTek is actively seeking a Governance Risk and Compliance Specialist (GRC) – Technology and Enterprise Risk for a permanent position with its Ottawa-based customer.Work LocationHybrid preferred (1x/week onsite) or Remote (ON/QC)Key TasksDeliver new security program capabilities by leading IT security, GRC, and cloud technology...
-
Senior Manager Governance, Risk
6 days ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Senior Manager Governance, Risk
6 days ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely...
-
Senior Manager Governance, Risk
7 days ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Senior Manager Governance, Risk
Found in: Whatjobs CA C2 - 3 days ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely...
-
Senior Manager Governance, Risk
Found in: Whatjobs CA C2 - 6 days ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Senior Manager Governance, Risk
1 week ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Senior Manager Governance, Risk
Found in: beBee S CA - 5 days ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely...
-
Senior Manager Governance, Risk
Found in: JG CA C2 - 1 week ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely...
-
Senior Manager Governance, Risk
Found in: beBee S CA - 6 days ago
Toronto, Canada CN Rail Full timeAt CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely...
-
Senior Manager Governance, Risk
Found in: Jooble CA C2 - 1 day ago
Toronto, ON, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Senior Manager Governance, Risk
Found in: Jooble CA O C2 - 7 days ago
Toronto, ON, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Senior Manager Governance, Risk
Found in: Jooble CA C2 - 7 days ago
Toronto, ON, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...