Overview
Leader, Governance, Risk & Compliance Jobs in Toronto, Canada at Interac Corp.
Title: Leader, Governance, Risk & Compliance
Company: Interac Corp.
Location: Toronto, Canada
Who We Are:
Every transaction matters. Every Canadian matters. At Interac, we protect both — driving trust, security, and inclusion, so our digital economy thrives.
Founded in 1984, Interac connects Canadians through secure digital payments, advanced identity verification and industry-leading fraud protection. Connecting banks, businesses, and individuals, Interac enables millions to send, receive, and manage money safely and effortlessly every day — across both digital and physical environments.
As the backbone of Canada’s financial ecosystem, Interac facilitates over 20 million transactions daily, supported by trusted partnerships with government and financial institutions. Consistently ranked as Canada’s most reputable financial technology brand, Interac is deeply embedded in the daily lives of Canadians.
Who You Will Work With:
The vacant role will report to the Head, Information Security & CISO. The Leader, Governance, Risk and Compliance (GRC) will be responsible for establishing the GRC mandate and goals for Interac Corp. and will collaborate closely with key stakeholders and business units on security risk and compliance initiatives and effective risk management practices across the organization. The Leader will help business units embed a security risk management culture into production, delivery, support and operations that enables business objectives.
The Leader will be responsible for strengthening controls in IT environments, ensuring that risks are clearly understood, controls are implemented to mitigate those risks and continuous monitoring is established to measure control effectiveness.
The Leader will lead a team in operating and maintaining an Information Security Management System (ISMS) to help Interac Corp. meet and comply with applicable frameworks, data protection laws, regulations, Interac cybersecurity standards and contractual obligations.
What You Will Do:
Review corporate policies, identify additional policies and develop policies to enhance existing controls and alignment with ISO 27000 series, NIST and PCI standards and frameworks.
Socialize policies and standards and provide guidance to employees on adherence to the policies.
Coordinate and guide the Information Security Risk Management process and risk owners to ensure that risk treatments are effective.
Support the internal IT audit function, external auditors and established organizational security certifications.
Assist in the development, training and tracking of the internal control environment associated with the various standards (e.g. SOC 2, ISO 27001/2).
Conduct compliance activities to ensure adherence with relevant policies, standards, regulations, and applicable laws.
Manage internal auditors and external auditors and activities.
Regularly update and review the risk portfolio for changes in the environment. Provide regular reporting of significant risks and the risk portfolio to pertinent Management Committees.
Drive improvements in the organization arising from the identification of risk and control gaps that balance risk with business operations.
Act as a key point of contact when identifying risk to raise awareness with security management and business unit leads on a risk reduction plan.
Maintain a registry of risk remediation supported by a governance lifecycle and the implementation of management tools that are technology enabled.
Stay abreast of incident response cases and track their occurrence and resolution, with strict documentation and reporting.
Provide leadership for disaster recovery and business continuity as they relate to security, framework and organization standards.
Leverage industry best practices to implement and mature an adaptive Governance, Risk and Compliance (GRC) program.
Develop and implement reporting metrics and key performance indicators (KPIs) to measure the effectiveness of the Information Security Risk Management practice.
Work in tandem with other security leadership for annual strategic and budgetary directives.
Coach, mentor, and manage a team to obtain the best possible results from team members.
Collaborate with business unit stakeholders including Internal Audit, Legal, Enterprise Risk, Data…