Senior Manager, Security GRC

Your Moneris Career - The OpportunityAs the Senior Manager, Security GRC, you will be in a leadership role responsible for overseeing our security governance, risk management, compliance, and awareness programs. Reporting directly to the VP, Information Security, you will play a critical part in ensuring that security initiatives align with business objectives and regulatory requirements. The successful candidate will lead efforts to assess and manage risks, develop security metrics, ensure regulatory compliance, and drive security awareness across the organization. . You will ensure that our security posture is robust and aligned with regulatory requirements, industry standards, and best practices.Location: You will be based in our Toronto office, balancing in-office collaboration with remote flexibility.Reporting Relationship: You will report to the Vice President, Information Security.Posting Type: Replacement Position.Salary Range: The expected base salary range for this role is $141,973 - $186,339.Total compensation may also include variable or discretionary incentive components, including but not limited to bonuses and commissions. Individual job offers are determined by various factors, including experience, education, skills, certifications, and other business needsYour Moneris Career - What you'll doDevelop and lead our security GRC strategy, ensuring alignment with business objectives and regulatory requirements and serves as key advisor to CISO and other senior executives on security GRC initiatives.Build, manage a security GRC team, promoting a culture of continuous learning and professional development. Management includes the team's performance, ensuring organizational goals and always tracking OKRs defined for security GRC vertical.Establish and maintain security policies, standards, and frameworks that align with industry best practices (e.g., ISO 27001, NIST, GDPR, PCI-DSS), that includes providing guidance and oversight to business partners ensuring Moneris's application and products are following applicable policies and standards.Lead the Security Governance Committee to ensure ongoing oversight and governance of security risks.Take the ownership to develop and maintain the enterprise-wide security risk register, ensuring risks are properly documented, prioritized, and mitigated.Constant guidance and participate in risk assessments and threat modeling exercises to identify vulnerabilities across different products and oversee govern risk treatment plans.Design the targeted security programs (including measuring the effectiveness), like phishing/ spear-phishing simulations to enhance our security culture, mandatory data breach training, etc.Collaborate with the incident response team to manage security incidents and breaches, ensuring root cause analysis and corrective actions are completed.Lead the end-to-end planning and execution of Moneris' annual audits such as PCI DSS, IT General Controls audit, internal audits, etc.Coordinate across teams (IT, InfoSec, Legal, Operations, etc.) to collect, validate, and organize documentation and controls evidence.Track audit status, risks, and issues, providing regular updates to executive leadership.Maintain documentation to support compliance, including system inventories, data flow diagrams, risk assessments, and remediation logs.Your Moneris Career - What you bringBachelors in Computer Science, Information Security, Risk Management or Equivalent.Minimum 12+ years of experience Previous experience in the payment industry considered an asset. Also, out of 12 years, minimum 5 years in leadership capacity.Experience developing and executing security GRC strategies in a complex, global organization.Experience with security frameworks, standards, and regulations (e.g., NIST, PCI-DSS, ISO27001, GDPR).Navigate regulatory environments and influence organizational change.Information Security GRC, Regulatory Compliance management, Information Security domain knowledge in IAM, Network Security, Cloud Security.Experience with frameworks NIST, PCI-DSS etc.Relevant certifications such as CISM, CISSP, CRISC, CISA, or similar are highly preferred.Your Moneris Career - What you getAt Moneris, we believe in empowering you to succeed—personally and professionally. As part of our team, you'll have access to resources, opportunities, and an inclusive environment that supports your development and career.Comprehensive Total Rewards Program, including performance-based bonuses, flexible benefits starting from day one, and your choice of a health spending account (HSA) or personal spending account (PSA).Retirement planning support, with profit-sharing programs including company match and a defined contribution pension plan.Growth & development opportunities, including unlimited access to Coursera, mentorship programs, and an internal gig marketplace.Holistic wellness support, with an Employee & Family Assistance Program, 24/7 virtual healthcare, and workplace wellness initiatives.Flexibility that works for you, including hybrid work arrangements, a Work from Abroad program, and paid time off programs.Recognition and rewards, with company-wide recognition programs, exclusive banking perks from RBC & BMO, and access to great employee discounts.