Company hidden
5 days ago

Governance, Risk & Compliance, Lead (Fintech)

115 000 - 130 000 CAD
Work format: hybrid
Employment type: fulltime
Grade: lead
English: b2
Country: Canada

Job description

TL;DR

Governance, Risk & Compliance Lead (Fintech): Leading implementation and management of GRC tools and frameworks to maintain security risk posture, with an emphasis on ISO 27001 certification, risk assessments, and compliance with standards like PCI DSS and NIST. Focus on developing risk registers, security metrics, policy alignment, and providing risk-based recommendations to senior leaders.

Location: Toronto, flexible hybrid model. Eligibility to work in Canada in a full-time capacity required.

Salary: $115K-$130K plus short-term incentive plan.

Company

hirify.global connects Canadians through secure digital payments, identity verification, and fraud protection, facilitating over 20 million transactions daily.

What you will do

  • Lead implementation and management of Governance Risk and Compliance (GRC) tools for Information Security.
  • Prepare and maintain risk registers, track remediation through security risk assessments.
  • Report on technical controls effectiveness via security metrics and enhance risk assessment frameworks.
  • Align Information Security policies with industry standards (ISO 27001/2, PCI DSS, NIST, CIS).
  • Conduct security assessments, develop requirements matrices, manage risk acceptances and exceptions.
  • Collaborate with senior leaders, auditors, and teams to improve security posture and support awareness programs.
  • Ensure BCP/DR policies are in place and monitor cybersecurity threats.

Requirements

  • Degree or Diploma in IT/business or equivalent with certifications like CISSP, CISA, CRISC, CISM.
  • 7+ years in Information Security, Governance, Risk Management in medium to large organizations.
  • Experience implementing/managing GRC tools, threat/risk assessments, and full risk lifecycle.
  • Strong leadership, communication, presentation skills for technical/non-technical audiences.
  • Knowledge of cybersecurity frameworks (ISO 27001/2, PCI DSS, NIST, CIS) and cloud security, IAM, vulnerability assessments.
  • Eligibility to work for hirify.global Corp. in Canada full-time.

Culture & Benefits

  • Generous vacation and wellness days.
  • Comprehensive employer-paid benefits coverage.
  • Market-leading employer-funded RRSP program.
  • Flexible hybrid work model.
  • 24/7 employee & family assistance program.
  • Pregnancy and parental leave top-up, charitable donation matching.

Hiring process

  • Background checks including criminal, credit, employment, education, and social media verification.
