Director, IT Risk, Compliance & Security Assurance

Toronto, ON, CA, Canada

Job Description

The Director, reporting to the VP of Information Security & CISO, will be responsible for designing and overseeing governance frameworks to proactively identify, assess, and manage technology risks. The director will also drive enterprise IT compliance and internal controls programs to safeguard our assets against threats and meet compliance obligations.



This is a high-impact leadership role that collaborates with executives, IT leaders, risk, audit, and compliance partners across the organization to enable a security risk-informed culture.

The Director, IT Risk, Compliance & Security Assurance will:
=================================================================

IT Risk Management & Governance
------------------------------------

  • Lead, develop, and execute the IT risk management and governance frameworks
  • Align IT risk governance with Enterprise Risk Management (ERM) programs
  • Facilitate IT risk assessments, mitigation planning, and ongoing risk monitoring
  • Maintain a centralized IT risk registry with defined ownership and remediation tracking
  • Provide risk governance reporting to senior leadership and stakeholders

IT Compliance & Security Assurance
---------------------------------------

  • Oversee IT compliance with regulatory, contractual, and legal requirements
  • Lead IT responses to audits, assessments, and reviews by regulators or third parties
  • Manage the IT compliance certification program and stakeholder awareness
  • Partner with Legal and Compliance teams to align requirements and remediation efforts

Information Security Assurance
----------------------------------

  • Champion a formal security assurance program that includes control testing, evidence collection, gap analysis, and remediation
  • Validate security controls aligned to industry frameworks such as ISO, NIST, and COBIT
  • Partner with architecture and infrastructure teams to confirm control effectiveness
  • Provide security assurance to third-party risk management and vendor due diligence

Internal Controls Management
--------------------------------

  • Maintain IT internal controls framework and ensure alignment with policies and standards
  • Implement and maintain security policies, standards, and control libraries across IT
  • Partner with business and technology to conduct RCSAs and document identified risk

Reporting & Governance Oversight
-------------------------------------

  • Report on IT risk, compliance, and security assurance to executive leadership
  • Support governance forums and committees with risk insights and recommendations
  • Track and report on key performance indicators (KPIs) and key risk indicators (KRIs)

Continuous Improvement & Professional Engagement
-----------------------------------------------------

  • Monitor emerging security threats and regulatory trends in IT risk and cybersecurity
  • Engage with industry networks and professional groups to bring in best practices
  • Foster a culture of continuous improvement, transparency, and accountability

To be successful as a Director, IT Risk, Compliance & Security Assurance with People Corporation, you will need:
=====================================================================================================================

  • Leadership & influence: able to lead cross-functional teams and foster collaborations
  • Governance & strategy: able to design and implement enterprise governance structures
  • Execution & accountability: deliver results under pressure with competing priorities
  • Communication: able to communicate effectively in both business and technology context
  • Analytical judgment: drive action, assess risk, and guide strategic decisions
  • Integrity: demonstrates high ethical standards and professionalism

All-star candidates will have:
===================================

  • Degree or diploma in Information Security, Computer Science, or a related field
  • Industry certifications such as: CGEIT, CISA, CISM, CISSP, CRISC
  • Proven experience in IT risk, compliance, governance, and security assurance programs
  • Strong knowledge of control frameworks (e.g., COBIT, ISO 27001/2, NIST, ITIL)
  • Strong understanding of IT infrastructure, applications, and operations

What's in it for you:
=========================

  • Learn by working alongside our experts
  • Extended health care and dental benefits
  • A retirement savings plan with company contributions
  • A suite of Health & Wellness offerings
  • Mental Health programs and support for you and your family
  • Assistance for the completion of industry designations
  • Competitive compensation

At People Corporation we are committed to helping businesses succeed. We are a national provider of benefits, retirement, wealth, wellness, and human resource solutions. Our experts and solutions serve over 20,000 clients representing nearly 3 million Canadians. We offer customized solutions designed to fit the unique needs of businesses and their employees, members and stakeholders.



Providing an inclusive, accessible environment, where all employees and clients feel valued, respected and supported, is something we're committed to. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. If you require an accommodation or an alternative format of any posting, please reach out to careers@peoplecorporation.com.
