Job Description
Hybrid: Markham, Ontario | Position: Manager, IT Governance, Risk and Compliance | Type: Full‑Time | Permanent | Hybrid | Location: Markham, ON | Reports to: Director, Security and Infrastructure, IT
Job Overview
Manager, IT Governance, Risk and Compliance is the IT owner for ICFR, PCI‑DSS, NIST Cybersecurity Framework (CSF) 2.0, and Third‑Party Risk Management (TPRM). This hands‑on leadership role delivers IT controls, evidence, remediation, policy governance, the IT Security Risk Register, and the full TPRM lifecycle while partnering with Finance, Payments, Security, Procurement, and Legal.
Essential Duties
- Act as the primary IT point of contact for internal and external audit partners on ICFR/ITGC, PCI‑DSS, and NIST CSF 2.0 audits.
- Own the IT General Controls (ITGC) portion of the annual ICFR program: scoping, documentation, evidence, walkthroughs, testing support, and remediation.
- Manage the PCI‑DSS IT compliance program ...