Director, Audit and Controls

About The Position

Requirements

• 10+ years of progressive experience in internal controls, internal audit or external audit.
• Public accounting experience and expertise with financial services and fintechs are strong assets.
• Comfortable with financial controls as well as technical controls, with significant experience working with technical business units.
• Proven track record owning and leading audit and internal control functions — not just executing them — and can operate at both strategic and hands-on levels as the business requires.
• Substantial experience managing external audit relationships and leading complex audits including SOC 1, SOC 2, and PCI DSS.
• Strong people leader who can build, motivate, and develop a team while maintaining high standards and a clear sense of direction.
• Ability to build trust and credibility quickly — with internal stakeholders, external auditors, and regulators — through excellent verbal, written, and interpersonal communication skills.
• Working knowledge of IT and financial controls frameworks (e.g., COSO, COBIT, NIST, SOC 1/2, PCI DSS) and can apply them pragmatically in a fast-moving environment.
• CPA, CISA, or CIA designation (required).
• Pragmatic and solutions-oriented — find approaches that strike the right balance of risk, cost, and practicality, and integrate them into existing ways of working.

Nice To Haves

• PCIP/ISA qualification is an asset.

Responsibilities

• Own and drive the long-term strategy for the audit and controls function, which encompasses internal controls and compliance, and audit support. Set the vision, goals, and priorities that align with Neo's business objectives and overall risk management framework.
• Lead the design, implementation, and continuous improvement of internal controls across business units to build and maintain a strong, scalable control environment. Leverage automation and AI to streamline testing burden and integrate efficiencies into all audit requirements. Oversee regular testing against key compliance frameworks (e.g., PIPEDA, FCAC, PCLTFA) to ensure Neo meets all regulatory requirements.
• Serve as the senior point of accountability for all external audit relationships. Oversee the planning and execution of external audits including SOC 1, SOC 2, and PCI DSS — ensuring readiness, quality, and timely delivery.
• Direct comprehensive assessments of business processes to identify control gaps and compliance risks. Lead the development of remediation plans and ensure findings are resolved effectively and durably.
• Partner with product, engineering, legal, finance and business ops teams to embed automated controls into products and internal tools. Champion a cultural commitment to controls and compliance throughout the organization.
• Prepare and present comprehensive reports on control findings, risk exposures, audit outcomes, and program maturity to senior leadership and relevant governance bodies.
• Build, lead, and develop a high-performing audit and controls team. Set goals, provide mentorship, conduct performance reviews, and create an environment where people grow and do their best work.

Benefits

• equity participation