Senior Manager - IT Governance Risk and Control
About The Position
Enercare Inc. is one of Canada’s largest home and commercial services companies servicing over one million customers across Ontario, Manitoba, Saskatchewan, Alberta, British Columbia, Quebec and New Brunswick. Enercare is the Experts at Home, operating under several brands including Enercare, HydroSolution, and Pioneer Plumbing & Heating. A proudly Canadian-owned company, we are the Experts at what we do and deeply care about our customers. We value a diverse, collaborative culture, and take pride in our commitment to health and safety, and knowing our work serves and supports our communities every day. No matter your role, we invest in making sure you have opportunities to grow, learn, and become the Expert you want to be. If you are ready to become one of our Experts, we would love to hear from you. Enercare is seeking a Senior Manager, IT Governance, Risk & Control (IT GRC) to play a pivotal hands-on role in strengthening the control environment across Information Technology. This is a senior individual contributor position designed for a highly experienced GRC professional who thrives on ownership, accountability, and influence—without people management responsibilities. Operating as a 1B function within the First Line of Defense, this role partners directly with IT leaders, control owners, Internal Audit, and external auditors to ensure risks are identified, controls are effective, and regulatory commitments are met. The role carries enterprise-wide accountability for critical processes, including SOX ITGC, PCI compliance support, and User Access Reviews (UAR).
Requirements
- 8+ years of experience in IT governance, risk, compliance, or IT audit.
- Hands-on experience with SOX IT General Controls (ITGC).
- Experience supporting PCI DSS compliance activities.
- Proven accountability for User Access Review (UAR) or access certification processes.
- Strong understanding of IT control frameworks (e.g., COBIT, NIST, ISO 27001).
- Excellent written and verbal communication skills.
Nice To Haves
- Professional certifications such as CISA, CRISC, CISSP, CISM, or CIA is preferred.
- Experience working within a Three Lines of Defense operating model is preferred.
- Familiarity with GRC tooling such as ServiceNow IRM, Archer, AuditBoard, or Workiva is preferred.
Responsibilities
- Act as a trusted subject matter expert for IT governance, risk, and control practices across applications, infrastructure, cloud, and operations.
- Identify, assess, and report on IT risks; maintain the IT risk register and remediation tracking.
- Support the design, operation, and remediation of SOX IT General Controls (ITGC).
- Own accountability for the completeness and auditability of the enterprise User Access Review (UAR) process.
- Ensuring that SOX and audit cycles execute smoothly with high-quality evidence and minimal findings.
- Guide IT teams through the design and validation of compensating controls.
- Support PCI DSS and other IT compliance obligations.
- Act as a primary IT liaison for internal and external audits.
- Educate and coach IT control owners to strengthen audit readiness and control execution.
- Partner with IT, Security, Finance, and Internal Audit to continuously improve the IT control environment.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
