Job Title

We are seeking a Senior Manager, Security Governance, Risk, and Compliance (GRC) to lead enterprise-wide security initiatives that ensure alignment with business goals, regulatory requirements, and industry best practices. Location : Toronto, ON (Hybrid in-office collaboration with remote flexibility) Reporting To : VP, Information Security Job Type : Full-Time Role Overview This leadership role is accountable for overseeing governance, risk, compliance, and security awareness programs. The successful candidate will work closely with executive leadership and cross-functional teams to manage risks, establish strong security policies, and cultivate a security-aware culture across the organization. Key Responsibilities Develop and lead the security GRC strategy in alignment with business and regulatory requirements. Serve as a trusted advisor to the CISO and senior leadership on all security GRC-related initiatives. Build and manage a high-performing GRC team, fostering a culture of continuous learning and accountability. Oversee the creation and maintenance of security policies, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, PCI-DSS). Provide guidance to ensure all applications, systems, and products are compliant with internal and external requirements. Chair the Security Governance Committee and lead governance activities for enterprise security risk oversight. Own and maintain the enterprise-wide security risk register , ensuring accurate documentation and effective mitigation strategies. Lead and support risk assessments and threat modeling activities across platforms and products. Design and execute targeted security awareness programs , including phishing simulations and mandatory training. Collaborate with the incident response team to manage and review security incidents, including root cause analysis and corrective action planning. Lead the planning and execution of audits such as PCI DSS , IT General Controls , and internal audits. Coordinate with cross-functional teams (Security, IT, Legal, Operations, etc.) to collect, validate, and organize audit documentation and evidence. Track and report on audit progress, risks, and outstanding issues to executive leadership. Maintain compliance documentation such as data flow diagrams, risk assessments, remediation logs, and system inventories. Qualifications & Experience Bachelor''''s degree in Computer Science, Information Security, Risk Management, or a related field. 12+ years of experience in Information Security or Risk Management, with at least 5 years in a leadership role . Experience building and executing GRC strategies in large or complex organizations. Deep understanding of regulatory compliance requirements and security frameworks (e.g., NIST, ISO27001, GDPR, PCI-DSS). Hands-on experience in domains such as IAM, Cloud Security, and Network Security. Proven ability to drive cross-functional initiatives and influence change across departments. Relevant certifications strongly preferred: CISM, CISSP, CRISC, CISA , or similar. What Youll Gain A comprehensive total rewards program including performance-based bonuses and flexible benefits from day one. Access to a defined contribution pension plan , profit-sharing programs, and retirement planning support. Opportunities for professional growth , including unlimited access to Coursera, mentoring programs, and internal gigs. Robust wellness support , including 24/7 virtual healthcare, EFAP services, and wellness initiatives. Flexible hybrid work options, including the ability to work abroad temporarily and generous paid time off programs. Recognition programs, exclusive financial perks, and access to a wide range of employee discounts. Akkodis is an equal opportunities employer and welcomes applications from all qualified candidates. #J-18808-Ljbffr