Manager, Security Compliance

About The Position

Requirements

• 6-8 years of experience in IT audit, compliance, or security assurance, with deep expertise in SOX/ICFR compliance (preferably in financial services or fintech)
• Strong understanding of COSO framework, ITGCs, ITACs, and control design principles
• Experience working with external auditors on SOX engagements, particularly in a coordination or liaison capacity
• Proven ability to lead and manage a team, ensuring that audit deliverables are met efficiently and on time.
• Proven ability to manage multiple compliance workstreams and competing priorities
• Strong stakeholder management and communication skills with ability to influence across technical and non-technical teams
• Experience with GRC tools and control management platforms
• Self-directed professional who can build programs from the ground up and drive initiatives to completion

Nice To Haves

• Working knowledge of SOC, PCI DSS, and/or NIST frameworks is a strong asset
• Relevant certifications preferred (CISA, CISSP, CPA, CIA, or equivalent)

Responsibilities

• Own and manage the ICFR compliance program while building out a SOX program from the ground up, leveraging existing frameworks and controls where applicable
• Partner with Finance, IT, and business stakeholders to identify and document key controls over financial reporting, ensuring controls are designed and in place ahead of audit cycles
• Ensure IT general controls (ITGCs) and IT application controls (ITACs) supporting financial systems are properly documented and operating as intended
• Serve as the primary point of contact for external auditors, coordinating evidence requests, walkthroughs, and finding remediation
• Build and maintain a controls inventory with clear ownership, documentation standards, and readiness status
• Work cross-functionally with control owners to ensure gaps are identified early and remediation plans are in place before audit periods
• Develop and report on compliance readiness and control health to senior leadership
• Drive continuous improvement in the efficiency and effectiveness of the SOX Compliance system (AuditBoard) and related technologies
• Maintain current knowledge of emerging risks, industry trends, and regulatory changes relevant to the business and the audit profession
• Expand ownership to include SOC 1&2, PCI DSS, and NIST compliance programs, building a unified compliance function
• Lead a small team of compliance specialists, providing mentorship, prioritization, and ensuring alignment across the aforementioned compliance initiatives

Benefits

• Top-tier health benefits and life insurance
• Long-term group savings with employer match, through Wealthsimple for Business
• 20 vacation days, 4 wellness days, and unlimited sick and mental health days per year
• 90 days away: work outside Canada for up to 90 days per year
• Employee resource groups, including Rainbow (2SLGBTQ), Women of WS, and Black at WS