Senior Manager, Security GRC

Your Moneris Career - The Opportunity You will be in a leadership role responsible for overseeing our security governance, risk management, compliance, and awareness programs. Reporting directly to the VP, Information Security, you will play a critical part in ensuring that security initiatives align with business objectives and regulatory requirements. The successful candidate will lead efforts to assess and manage risks, develop security metrics, ensure regulatory compliance, and drive security awareness across the organization. You will ensure that our security posture is robust and aligned with regulatory requirements, industry standards, and best practices. Location: You will be based in our Toronto office, balancing in-office collaboration with remote flexibility. Reporting Relationship: You will report to the VP, Information Security. Your Moneris Career - What You\'ll Do Develop and lead our security GRC strategy, ensuring alignment with business objectives and regulatory requirements and serves as key advisor to CISO and other senior executives on security GRC initiatives Build, manage a security GRC team, promoting a culture of continuous learning and professional development. Management includes the team\'s performance, ensuring organizational goals and always tracking OKRs defined for security GRC vertical. Establish and maintain security policies, standards, and frameworks that align with industry best practices (e.g., ISO 27001, NIST, GDPR, PCI-DSS), that includes providing guidance and oversight to business partners ensuring Moneris\'s application and products are following applicable policies and standards. Lead the Security Governance Committee to ensure ongoing oversight and governance of security risks Take the ownership to develop and maintain the enterprise-wide security risk register, ensuring risks are properly documented, prioritized, and mitigated. Provide guidance and participate in risk assessments and threat modeling exercises to identify vulnerabilities across different products and oversee risk treatment plans. Design targeted security programs (including measuring effectiveness), such as phishing/spear-phishing simulations to enhance our security culture, mandatory data breach training, etc. Collaborate with the incident response team to manage security incidents and breaches, ensuring root cause analysis and corrective actions are completed Lead the end-to-end planning and execution of Moneris\' annual audits such as PCI DSS, IT General Controls audit, internal audits, etc. Coordinate across teams (IT, InfoSec, Legal, Operations, etc.) to collect, validate, and organize documentation and controls evidence. Track audit status, risks, and issues, providing regular updates to executive leadership Maintain documentation to support compliance, including system inventories, data flow diagrams, risk assessments, and remediation logs Your Moneris Career - What You Bring Bachelors in Computer Science, Information Security, Risk Management or Equivalent Minimum 12+ years of experience; previous experience in the payment industry considered an asset. Also, out of 12 years, minimum 5 years in leadership capacity Experience developing and executing security GRC strategies in a complex, global organization. Experience with security frameworks, standards, and regulations (e.g., NIST, PCI-DSS, ISO27001, GDPR). Navigate regulatory environments and influence organizational change Information Security GRC, Regulatory Compliance management, Information Security domain knowledge in IAM, Network Security, Cloud Security Experience with frameworks NIST, PCI-DSS etc. Relevant certifications such as CISM, CISSP, CRISC, CISA, or similar are highly preferred. Your Moneris Career - What You Get At Moneris, we believe in empowering you to succeed—personally and professionally. As part of our team, you\'ll have access to resources, opportunities, and an inclusive environment that supports your development and career. Comprehensive Total Rewards Program, including performance-based bonuses, flexible benefits starting from day one, and your choice of a health spending account (HSA) or personal spending account (PSA) Retirement planning support, with profit-sharing programs including company match and a defined contribution pension plan Growth & development opportunities, including unlimited access to Coursera, mentorship programs, and an internal gig marketplace Holistic wellness support, with an Employee & Family Assistance Program, 24/7 virtual healthcare, and workplace wellness initiatives Flexibility that works for you, including hybrid work arrangements, a Work from Abroad program, and paid time off programs Recognition and rewards, with company-wide recognition programs, exclusive banking perks from RBC & BMO, and access to great employee discounts Find out more about the work perks and benefits you get as a Moneris employee at Moneris.com/careers #TECH-IND Note: We welcome and encourage applications from Indigenous peoples, people of colour, people with disabilities, people of all genders, sexual orientation and intersectional identities. We acknowledge that people from equity-deserving groups are less likely to apply for jobs unless they feel they meet all the requirements posted. At Moneris, we believe candidates bring experience to their work in many ways. We encourage you to apply and share in the application form the transferrable experience you bring, and how this will support your success in this role. Seniority level: Director Employment type: Full-time Job function: Other, Information Technology, and Management #J-18808-Ljbffr