Job Description

Pret a relever le defi ?
Cybersecurity at Intelcom

Although some may think Intelcom is a low-tech organization, our success is driven by significant technology investments in recent years. We have a broad technology footprint, with major investments in cloud platforms, business intelligence, artificial intelligence, and operational technology. Our IT team includes more than 120 developers, along with DevOps, AI/BI specialists, and infrastructure experts. As we continue to grow rapidly, we are building and expanding our cybersecurity and information security practice, with a clear roadmap and continued investment to accelerate our maturity. We are seeking a manager eager to shape and guide the continued evolution of our GRC function. In this role, you will ensure our people, processes, and tools work together effectively to support a resilient, trusted organization
The role
Reporting to the CISO, the Manager - Governance, Risk and Compliance will be central to strengthening Intelcom's security posture, maintaining customer confidence, and ensuring compliance as we expand globally. This role is responsible for establishing and maintaining strong governance practices, ensuring compliance with applicable regulations and standards, and proactively managing cybersecurity risks across the organization. Working closely with leadership, IT, and business stakeholders, the GRC Manager will design, implement, and evolve a comprehensive risk and compliance framework that supports Intelcom's rapid growth and global operations.
Key Responsibilities
Team Management & DevelopmentLead, manage, and mentor a small team of cybersecurity analysts and specialists. Define team objectives, monitor performance, and support career development. Foster a high-performance culture that emphasizes accountability, collaboration, and continuous improvement.

Governance & PolicyDevelop, maintain, and enforce cybersecurity policies, standards, and procedures aligned with business needs and recognized frameworks (ISO 27001, NIST CSF, SOC 2, etc.). Drive adoption of governance practices across IT and business units.

Risk ManagementLead the identification, assessment, and treatment of cybersecurity risks across corporate and operational environments. Manage and improve the third-party/vendor risk management program, ensuring suppliers and partners meet security requirements. Maintain risk registers and coordinate mitigation activities with stakeholders.

ComplianceEnsure compliance with contractual, regulatory, and industry requirements, supporting certifications and audit renewals with key customers. Manage internal and external security assessments, audits, and evidence collection.

Awareness & TrainingChampion security awareness and training initiatives across the organization, driving a culture of shared responsibility. Provide clear communications on risk, compliance, and policy adoption to all levels of the organization.

Collaboration & LeadershipAct as the central point of contact for GRC-related initiatives, collaborating with the IT organization and business operations. Provide guidance and support to project and product teams to ensure security is embedded in processes and decision-making.

Reporting & MetricsDeliver regular reporting on security posture, risks, and compliance status to the CISO and senior IT leadership. Define and track key metrics for governance, risk, and compliance maturity.

QualificationsBachelor's degree in Information Security, Computer Science, Computer Engineering, or a related field (or equivalent practical experience). 7+ years of experience in cybersecurity, with at least 3 years in a governance, risk, and compliance role. Demonstrated experience leading or managing a team, including setting objectives, mentoring, and performance management. Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, SOC 2, CIS Controls). Hands-on experience with risk management practices, including third-party/vendor risk management. Proven ability to manage internal and external audits, assessments, and compliance initiatives. Excellent communication and stakeholder management skills, with the ability to collaborate across IT, business, and leadership teams. Strong organizational skills with the ability to balance multiple priorities in a fast-growing environment. Bilingual - French and English

Nice-to-HavesExperience in a cloud-first organization (AWS, Azure, Kubernetes environments). Familiarity with data protection regulations (e.g., Loi 25, GDPR, PIPEDA). Experience building or maturing a GRC program in a growth-stage or global company. Industry certifications such as CISM, CISSP or similar. Experience in logistics, supply chain, or operational technology (OT) environments

Intelcom est une entreprise de logistique du dernier kilometre chef de file dans le secteur du commerce electronique. Nos equipes d'un bout a l'autre du Canada ainsi que notre reseau d'entrepreneurs independants contribuent aux activites quotidiennes d'Intelcom.
Notre objectif est simple : dans un secteur d'activite en constante evolution, nous ne nous contentons pas de suivre, nous prenons les devants. En plus de nous demarquer grace a des methodes de livraison et a des services novateurs, Intelcom opere aussi une transformation technologique ou l'integration de l'experience client et les technologies logistiques sont au coeur de son evolution.
Chez Intelcom, nous savons que l'experience se presente sous plusieurs formes et nous nous engageons a creer une culture ou la difference est valorisee. Nous sommes toujours a la recherche de personnes talentueuses et diversifiees pour rejoindre nos equipes. Avec plus de 60 centres de livraison a travers le Canada, nous avons peut-etre la la bonne opportunite pour vous.