Manager, Security Governance, Risk and Compliance

2 weeks ago


Toronto, Canada Aecon Group Full time

**Build Your Career at Aecon**

Aecon is proud to build some of the most impactful infrastructure projects of this generation. From the roads and transit systems that connect our communities, to the communication networks that link us from coast-to-coast, and the water infrastructure that supplies our businesses and homes. Our integral work includes constructing the pipelines that join provinces with the energy that fuels the nation, and the airports and ports that connect us all. Aecon is there, safely and sustainably building the future.

**At Aecon we**:

- Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being
- Believe in helping you build your career through our Aecon University and Leadership Programs
- Are committed to supporting and investing in inclusive work environments through initiatives like Equity, Diversity & Inclusion training.
- Are a leader in sustainable construction, with a strong commitment to operating responsibly by minimizing our impact on the environment and surrounding communities.

**Key Responsibilities**
- Prepares and maintains a security risk register that captures risks identified during architecture reviews, security risk assessments or other related channels and tracks remediation.
- Ensures that security requirements provided as part of an architecture review or any other security assessment are in place prior to any system or solution go-live.
- Maintains and continually optimizes the security risk assessment framework.
- Creates and continuously updates information security policies and standards to align with industry best practices, pertinent regulations and accepted security frameworks (ISO/IEC 27k series, CIS, NIST 800 series, etc.)
- Helps develop and maintain key security metrics to provide a solid understanding of our current organizational security posture to key audiences including our executive team and our board members.
- Provides input to, and maintains, the information security roadmap that includes both strategic and tactical planning for the current and subsequent 2 years (i.e., 3-year roadmap).
- Develops and maintains a security control library mapped to the organization’s policies and standards.
- Measures and reports on the effectiveness of the security controls and proposes remedial actions as required.
- Records, tracks, and maintains a register of security exceptions to ensure they are appropriately managed.
- Conducts security assessments for complex initiatives, when required.
- Performs security audits of company business units and offices to ensure appropriate security safeguards are in place.
- Examines and interprets requirement documents and architecture diagrams and determines security risks to the organization.
- Collaborates with senior management to help make informed, risk-based recommendations to enhance the security posture of the organization, products, and services.
- Weighs business needs against security concerns to help guide the business to make practical and informed risk decisions.
- Evaluates and monitors third party vendors for security compliance.
- Facilitates and supports security related audits by serving as a key interface with external and internal auditors.
- Ensures compliance with mandatory security related training for all staff.
- Keeps up to date with the ever-changing cybersecurity threat landscape to assess any potential need to strengthen related areas of our security program framework.

**Required Knowledge and Experience**
- A degree or diploma in Computer Science, Information Technology or Information Security, or relevant work experience
- 7+ years of experience working in Information Security, Information Security Governance, Information Security Risk Management or Information Security Compliance in medium to large sized organizations.
- Certification(s) including CISSP, CISA, CRISC, CISM would be considered an asset.
- General knowledge of cloud service platform (AWS, Google Cloud Platform, Azure) security configuration and management.
- Deep knowledge of information security risk management frameworks and extensive experience performing information security risk assessments.
- Working experience with information security frameworks and industry standards such as ISO/IEC 27k series, PCI DSS, CIS and/or NIST 800 series.

**Necessary Competencies**
- Strong analytical and critical thinking skills.
- Strong and proven management skills including coaching, influence, negotiation, and conflict resolution.
- Highly motivated and results-oriented, with an ability to handle high-pressure situations with key stakeholders.
- Excellent presentation and communication skills, and an ability to present complex information in a manner suitable for technical and non-technical audiences.


