Job Description

Senior Manager, Security GRC - Hybrid (Toronto)
We are seeking a Senior Manager, Security Governance, Risk & Compliance (GRC) to join a leading financial services organization. This leadership role will oversee security governance, risk management, compliance, and awareness programs, reporting directly to the VP, Information Security.
What you'll do:
Develop and lead the enterprise security GRC strategy, aligning with business objectives and regulatory standards.
Build and manage a high-performing GRC team, driving a culture of continuous improvement.
Oversee security policies, frameworks, risk register, and compliance with standards (ISO 27001, NIST, PCI-DSS, GDPR).
Lead audits (PCI DSS, ITGC, internal) and coordinate cross-functional teams for evidence collection and remediation.
Drive security awareness programs and support incident response with risk-based governance.
What you bring:
12+ years' experience in Information Security, including 5+ years in leadership.
Strong background in GRC frameworks, regulatory compliance, and security domains (IAM, Cloud, Network Security).
Relevant certifications (CISM, CISSP, CRISC, CISA) highly preferred.
Proven ability to navigate regulatory environments and influence organizational change.
What's offered:
Hybrid work model
Comprehensive benefits, performance-based bonuses, retirement planning, and employee wellness programs.
Professional growth opportunities with access to learning platforms, mentorship, and career mobility.

Skills Required