Auditor, IT Risk and Compliance - Corporate Information Systems Group
Canadian Bank Note Company
Canadian Bank Note Company (CBN) is a leader and trusted provider of secure document and adjacent enterprise-level system solutions across the following domains: border security, civil identity, driver licence/identification and vehicle information, excise control, currency, lotteries and charitable gaming.
Our Corporate Philosophy and 7 Core Principles shape and guide our corporate behaviours and underpin the sense of community you will experience at CBN. We seek long-term relationships with our employees and offer a competitive compensation package that includes health, medical and life insurance benefits and a defined contribution pension plan with company matching.
Job Description
Internal Job Title: Auditor, IT Risk and Compliance
Job Type: Permanent, Full-Time
Location: 18 Auriga Drive, Ottawa ON
Work Model: Remote
Position Summary
As an Auditor, IT Risk and Compliance in our Corporate Information Systems group, you will play a central role in developing, delivering and managing the compliance and risk programs and activities while also investigating and participating in relevant IT security projects that support the business needs of the organization.
Key Responsibilities
Audit Planning Execution and Reporting
- Design Audit Plans and Schedules: Create detailed audit plans and schedules aligning with the organization’s compliance requirements.
- Conduct Audits: Perform comprehensive internal audits aligned with recognized frameworks (ISO/IEC 27001, ISO 14298, PCI DSS, SOC 2, CIS Controls etc.) of IT systems, applications, and processes with a strong focus on IT and cybersecurity risk.
- Document Findings: Prepare detailed reports on audit findings, update registers, and highlight areas of concern and assessing corrective actions to ensure they will meet compliance requirements.
- Present to Management: Present findings to senior management and compliance committees, ensuring transparency and accountability.
Compliance Monitoring and Management
- Compliance: Ensure IT systems and procedures comply with industry standards and regulations such as ISO-27001, PCI, and SOC 2.
- Framework Evaluation: Maintain currency for emerging compliance frameworks or as standards evolve. Update internal control frameworks, assess gaps and work with stakeholders to maintain our compliance.
- Internal Policies: Create internal policies and procedures to meet emerging or evolving standards and as new technologies or threats are defined.
Risk Assessment and Management
- Risk Program: Participate in the maintenance of our ongoing risk management program following CBN standard procedures.
- Identify and Evaluate Risks: Collaborating with stakeholders and SMEs across the business to continuously assess IT risks.
- Risk Documentation: Document identified risks and communicate them to relevant stakeholders, updating risk registers and following up with risk owners and reporting as necessary to executive committees.
Technical Guidance
- Investigations: As required assist in investigating security events and participate in relevant root cause analysis development.
- Consulting: Provide subject-matter guidance to business and technology teams on the interpretation and application of applicable compliance frameworks and standards, supporting informed decision-making and consistent execution.
- Implementation Support: Provide advisory support during the implementation of compliance frameworks and control enhancements, including reviewing design approaches, validating alignment to requirements, and providing practical, risk-based recommendations without assuming control ownership.
Continuous Improvement
- Supervise Corrective Actions: Oversee the implementation of corrective actions to ensure compliance issues are resolved effectively and promptly.
- Process Enhancement: Continuously seek ways to improve processes and methodologies to enhance efficiency and effectiveness.
Qualifications
Mandatory Requirements
- Legally eligible to work in Canada
- Fluent in English (speak, read, write)
- Able to obtain (in a timely manner) and maintain Government of Canada Secret (Level II) security clearance
- Able to travel 2-6 weeks/year
Minimum Qualifications
- Bachelor’s degree in Information Systems (or similar) or equivalent combination of relevant education and additional relevant work experience or overall additional relevant work experience.
- Certification and/or demonstrable knowledge/experience in compliance frameworks including ISO 27001:2022 and PCI-DSS v4.0+.
- Working knowledge of industry recognized threat and risk management methodologies and frameworks.
- Comprehensive knowledge of Unified Compliance Frameworks and GRC tools.
- Thorough knowledge of current security trends, threat vectors and cyber security threats.
- 3+ years of experience in a relevant auditing, compliance and/or risk role.
- Experience in cybersecurity, corporate security, or highly regulated organization .
- Experience in developing and delivering compliance and risk assessments, creating, and presenting reports to management and liaising with external auditors.
Preferred Qualifications
- Certification in a relevant audit discipline: BSI Internal Auditor, ISACA CISA, PECB Internal Auditor, or other relevant industry certification e.g. ISC2, GIAC, SANS, or equivalent
- Certification and/or demonstrable knowledge/experience in various compliance frameworks including but not limited to ISO 14298, NASPO, SOC 2 (Type I and II), FedRamp, CSA and CSA Star-II.
- 7+ years of experience in a relevant auditing, compliance and/or risk role
- Fluent in Spanish (speak, read, write)
Soft Skills and Characteristics
- Critical thinking skills
- Organization and time management skills
- Interpersonal skills
- Teamwork and collaboration
- Growth mindset
Additional Information
Equal Opportunity Statement
Our organization is committed to employment equity and diversity in the workplace. We actively encourage applications from women, Indigenous Peoples, persons with disabilities, members of visible minorities, and LGBTQ2+ individuals.
We are dedicated to removing barriers and fostering an inclusive workplace that reflects society and we are committed to providing an accessible and inclusive recruitment process in accordance with the Accessibility for Ontarians with Disabilities Act (AODA).
If you require accommodation at any stage of the hiring process, please contact us at View email address on jobs.smartrecruiters.com so that appropriate arrangements can be made.
AI Use in Recruitment Statement
As part of our commitment to transparency and fairness in hiring, we disclose that artificial intelligence (AI) tools may be used at certain stages of our recruitment process. These tools assist in tasks such as resume screening, candidate matching, and interview scheduling. All AI-assisted decisions are subject to human oversight to ensure fairness, accuracy, and compliance with applicable laws.
We are committed to the responsible, transparent, and accountable use of AI, in alignment with Ontario’s Responsible Use of Artificial Intelligence Directive and the requirements under the Working for Workers Four Act. This includes taking steps to mitigate bias, protect candidate privacy, and ensure that AI does not unfairly influence hiring outcomes.
If you have questions or concerns about how AI is used in our hiring process, please contact us at View email address on jobs.smartrecruiters.com .
$67.99 - $101.99 per hour
We are seeking a fully remote IT Risk Manager to support enterprise IT risk governance by... ...monitor overdue actions, and consolidate risk information into a single, reliable enterprise view.... ...•Identify and highlight emerging risks, systemic issues, and control weaknesses •Support...SuggestedContract workRemote work$89.06k - $111.32k per year
Overview Languages English Education Bachelor's degree or equivalent experience Experience 5 years or more Hybrid Work must be completed both in person and remotely. Benefits Health benefits Dental plan Health care plan Vision...SuggestedPermanent employmentFull timeRemote work$62k - $106k per year
...day look like? As an Internal Auditor, you will be responsible for... ...organizations, including identifying risks and assessing the... ...enhance internal controls, ensure compliance, and manage risk. ~ Technology... ...assessment ~ Strong knowledge of IT systems and IT controls is an...SuggestedPermanent employmentFlexible hours- ...and operate the networks and systems behind cutting-edge defensive... ...Intune, including enrollment, compliance policies, configuration profiles... ...Administer Active Directory, Group Policy, file and print services... ...Solid progressive experience in IT systems administration and...SuggestedInternshipRemote workWeekend workAfternoon shift
- ...and adjacent enterprise-level system solutions across the... ...licence/identification and vehicle information, excise control, currency, lotteries... ...charitable gaming. Our Corporate Philosophy and 7 Core... ...ensure fairness, accuracy, and compliance with applicable laws. We are...Information SystemCompanyLong term contractPermanent employmentFull timeInternshipRemote work
- ...and adjacent enterprise-level system solutions across the... ...licence/identification and vehicle information, excise control, currency, lotteries... ...charitable gaming. Our Corporate Philosophy and 7 Core... ...ensure fairness, accuracy, and compliance with applicable laws. We are...CompanyLong term contractPermanent employmentFull timeInternshipRemote work
- ...looking for a Manager, Security & IT to lead Knak’s security and compliance programs while overseeing the company... ...on security frameworks, governance, risk management, and organizational security... ...internal stakeholders and external auditors to support successful audits and...
- ...worldwide to broadcast, telecommunications, corporate and government customers for over 55... ...3 demonstration satellite. For more information, follow Telesat on X and LinkedIn or visit... ...DETAILS Department: Finance / Risk & Compliance Reports To: Director, Risk & Compliance...CompanyFull timeWorldwide
- ...Job Description Q-Block Computing is seeking an Information Systems Specialist to join our growing team in Ottawa, Ontario. This role offers an... ...Block Computing to design, develop, and maintain the distributed IT infrastructure stack that connects quantum control hardware...Information SystemPermanent employmentFull timeLocal area
$65k - $75k per year
...markets. Position Overview The IT Support Generalist will work... ...Linux; Administer user and group accounts in Active Directory /... ...working with IT ticketing systems; Experience with IT hardware... ...of a team; Understanding of compliance and cybersecurity frameworks;...Full timeContract workInternshipWork at officeShift workWeekend workAfternoon shift$120k per year
...Job Summary Job Title: Systems Engineer Industry : Technology... ...and training documentation in compliance with QA processes. Researching... ...solutions. Preferred expertise in IT, Computer Systems Engineering,... ..., compliance, and risk management in secure environments...CompanyFull timeWork at officeRemote workShift work$100k - $130k per year
...be responsible for leading the IT team in managing the daily... ...locations, distribution centres, and corporate offices. This role acts as the... ...all locations. Ensure all systems supporting retail,... ...standards, including PCI-DSS compliance and privacy requirements. Oversee...CompanyFull timeContract workWork at officeLocal areaWork from homeHome officeWeekend workAfternoon shift$84.7k - $134.7k per year
...A career within Corporate Tax services, will provide you with the opportunity... ...tax function to control risk and facilitate better... ...with tax strategy, ensuring tax compliance, increasing post tax profits,... ...recommendations using multiple sources of information Uphold the firm's code of...CompanyLocal areaOverseas$84.7k - $112.93k per year
...explore new markets, reduce risks, all towards the goal of making... .... As a financial Crown corporation, we offer innovative financial... ...ongoing review of the Insurance group's credit granting and credit... ...Liaises with buyers, banks, information providers and other entities...CompanyPermanent employmentContract workSummer workWork at officeRelocation package2 days per week3 days per week- ...driver identification and vehicle information, excise control, lottery and... ...shape and guide our corporate behaviours and underpin the sense... ...North American Service Delivery group, you will be responsible for ensuring... ...of suite of identification system solutions for our Federal and...CompanyLong term contractPermanent employmentFull timeWorldwide
$70k - $90k per year
...Position Title: Systems Administrator Location: Ottawa, ON (377... ...No unnecessary layers. No corporate theatre. Just smart people doing... ...day-to-day operations of our IT infrastructure, cloud environments... ...logs, security baselines, and compliance hygiene Participate in on-call...CompanyFull time$110k per year
...local law firm to secure an experienced Corporate Lawyer. The selected candidate will manage... ...vendors, customers and service contracts Risk Management- identify legal risks and make... ...legal due diligence Regulatory Compliance- monitor changes in laws and provide advice...CompanyPermanent employmentFull timeInternshipWork at officeLocal area$62k - $106k per year
...Within the Assurance practice, IT Audit & Assurance seeks to elevate... ...on IT and emerging technology risks to help our clients achieve... ...IT audit, IT internal controls, system audit or systems implementation... ...yourself, and more. We are a group of talented people who want to...Permanent employmentApprenticeshipFlexible hours- ...the security industry. We are seeking an IT & Security Specialist to join our team. In... ...hands-on professional who can operate across systems, networks, and security domains. What... ...-solving skills ~ Diploma or degree in Information Technology, Cybersecurity, or a related field...Full timeInternshipFlexible hours
$63.06k - $94.58k per year
...Job Responsibility: Risk Specialist (Permanent) Location: Ottawa, ON, CA, K1P 5E7 Onsite or Hybrid: Risk Specialist (Permanent)... ...key components of their critical air ambulance services. Whether it is providing technical training instruction, developing training materials...Permanent employmentTraineeshipInternshipRelocation packageFlexible hours$68k - $102.5k per year
...Associated with these opportunities come risks, our clients seek independent advice... ...security of their business critical systems, the delivery of major IT enabled programmes, their... ...directly assist clients in employing information systems, resources, and controls to maximize...Information SystemLong term contractFlexible hours- ...broadcast, telecommunications, corporate and government customers for... ...satellite. For more information, follow Telesat on X and LinkedIn... ...currently in need of Senior System Engineering Specialist to join... ...Interface with other Telesat groups regarding system engineering,...CompanyFull timeInternshipWorldwide
- ...Business Tax Services practice: Global Compliance & Reporting (GCR) group. As a member of E&Y's Business Tax... ...to applying knowledge of the corporate and personal tax processes and deadlines... ...deadlines, engagement economics and various information systems to advance the efficiency,...Information SystemCompanyLong term contractFull timeWorldwideFlexible hoursWeekend work
- ...ADGA Group is a Canadian-owned defence and security company that provides... ...Technology (OT) and Cybersecurity Systems Specialist. This role is responsible... ...to Operational Technology (OT) and Information Technology/Operational Technology (IT/OT) environments supporting critical...Information SystemFull timeContract workTemporary workPart timeInternshipRemote workFlexible hours
- ...innovation. Your next chapter starts here. We are seeking an Information Technology Security Engineer to support security engineering... ...applications. Collaborate with development teams to ensure compliance with GC security standards and cloud best practices....Full timeFixed term contract
$96.56k - $128.74k per year
...looking for an Senior Advisor, Enterprise Risk Management ! Join FinDev Canada,... ...: Experience working with other Crown Corporations, Development Finance Institutions (DFI),... ...collect, use, retain, and safeguard personal information during the recruitment process, as well...Long term contractPermanent employmentFull timeWork at office3 days per week- ...Are you a passionate corporate/business lawyer looking to grow your law practice in a supportive and dynamic environment? We are seeking... ...competitive remuneration package. Health Benefits: Access to a group health plan to support your well-being. Who We're Looking For...CompanyPermanent employmentFull timeRemote workFlexible hours
- TEHORA est présentement à la recherche d’ un (e) architecte TI expérimenté(e) afin de contribuer à la conception d’architectures applicatives et technologiques dans le cadre de solutions mobiles Sans être exhaustifs, voici les services et livrables que devra fournir la personne...Hourly payFull timeContract workApprenticeshipRemote workFlexible hours
$59k - $70k per year
...a dedicated and experienced Corporate Law Clerk to join their team... ...Ministry, Companies Branch and Corporations Canada Frequently communicate... ...maintain a solid reminder system Open and close client files... ...Obtain certificates of compliance/status Conduct preliminary...CompanyPermanent employmentFull timeInternship- ...broadcast, telecommunications, corporate and government customers for over... ...satellite. For more information, follow Telesat on X and LinkedIn or visit The Systems Verification Engineering Specialist... ...Infrastructure teams and functional groups for the Telesat Lightspeed LEO...CompanyFull timeInternshipWork at officeWorldwide
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Auditor, IT Risk and Compliance - Corporate Information Systems Group. Be the first to apply!
