Director, Internal Audit - Technology, Information Security, and AI
$125k - $150k per yearFairstone Financial Inc.
Who we are
Fairstone Bank and its family of brands are united in delivering innovative, accessible and reliable financial solutions that enable Canadians to reach their goals. Over the years, our brand family has grown. In 2024, Home Trust Company, Home Bank and Oaken Financial became part of the Fairstone Bank family of brands, alongside Fairstone, EdenPark and Fig. Together, we are the leading alternative lending bank in Canada. We have the collective experience and expertise to better serve our customers and foster our partners’ growth. With a diverse suite of products—residential and commercial mortgages, consumer deposits and GICs, credit cards, retail and automobile financing, personal loans and digital lending—we offer financial solutions tailored to all Canadians, including newcomers, small‑business owners, smart investors and savvy consumers.
About the role
The Director, Internal Audit – Technology, Information Security, and AI leads the planning and delivery of risk‑based audits and advisory work across the Bank’s technology and digital risk domains. This role provides independence assurance over technology risks across ITGCs, cybersecurity governance, cloud governance, data management, AI, and technology operations. The Director is expected to exercise independent authority and credible challenge with senior technology leaders, including the Chief Technology Officer (CTO) and their leadership team, ensuring that technology risks, control gaps, and remediation commitments are appropriately identified, debated, and addressed. The role requires sufficient technical knowledge and professional competence to engage in difficult, sometimes adversarial conversations with technology leadership while maintaining a constructive, respected, and independent relationship. Co‑sourced SMEs may support deep technical assessments; however, the Director must independently interpret results, synthesize risk implications, and challenge management where standards or practices are insufficient.
Responsibilities
Risk Assessment & Strategy Planning (20%) – Own and maintain the technology audit universe for core domains: Technology Strategy, Data, and AI; Technology Integration; Software Engineering; Digital Services; Technical Services & Performance; Technology Operations; and Information & Cyber Security. Maintain awareness of technological changes in both external and internal environments, including trends in risk management practices and regulatory expectations, and changes in business activities to perform quarterly risk assessments. Lead the annual technology risk assessment, identify appropriate audits for the annual audit plan and help develop the plan for Audit Committee approval. Identify emerging risks within the Technology audit portfolio, monitor these risks to determine their impact, and assess changes needed for the annual audit plan or planned audits.
Audit Plan Execution and Delivery (50%) – Oversee execution and end‑to‑end delivery of all audit projects within the Technology audit universe, ensuring all documentation and audit reports are complete, and projects are appropriately and effectively staffed. Coordinate use of co‑sourced technical experts for deep cyber/cloud/AI testing where needed. Lead opening and closing meetings, review audit working papers, and prepare/review draft internal audit reports for each project. Review control design and effectiveness using industry frameworks (NIST CSF, ISO 27001, COBIT). Deliver balanced and insightful reporting to the Chief Internal Auditor and Audit Committee on technology risk posture, themes, and systemic gaps. Oversee remediation/closure of IT audit findings, OSFI findings including tracking closure to due dates, validate findings with management, and ensure appropriate quality assurance practices are followed. Provide independent advice during major technology initiatives (policy & standards enhancements, modernization, cloud migration, data platform enhancements) from a governance and risk lens and collaborate with stakeholders to embed controls early.
Leadership & Stakeholder Management (20%) – Develop and maintain independent and influential relationships with senior technology stakeholders, including the CTO, CISO, Data & Privacy leadership, and enterprise risk partners. Develop and maintain working relationships with the Bank’s external auditors to support their direct assistance and or audit reliance model. Demonstrate authority, credibility, and technical understanding necessary to challenge technology decisions, risk acceptances, and control deficiencies. Facilitate difficult discussions with technology leadership by articulating risk impacts, regulatory expectations, and control considerations in a clear and authoritative manner. Lead a team of IT audit professionals with a mix of internal capabilities and co‑sourced specialists. Mentor team members to deepen expertise in ITGCs, cyber governance, and foundational cloud/data risks.
Standards, Methodology & Tools (10%) – Ensure all technology audit work adheres to the Global Internal Audit Standards (GIAS) and Internal Audit methodology. Contribute to annual review of audit practices and methodology against relevant benchmarks. Map controls to recognized frameworks as appropriate: NIST CSF/800‑53, ISO 27001/27701, COBIT, CIS Controls, CSA CCM, PCI DSS (if applicable), and applicable privacy regulations. Recommend changes to audit processes, methodology and reporting to improve effectiveness. Champion continuous improvement, agile auditing methods, and data‑driven audit techniques (CAATs, automation, scripts, and continuous monitoring). Promote tooling: GRC, ticketing/ITSM (e.g., ServiceNow), CI/CD, CSP native security tooling, CSPM/CWPP, SIEM/SOAR, data lineage/governance tools, and model monitoring platforms.
Qualifications
Formal Education: University degree in information systems, computer science, engineering, accounting, or related field.
Certified Information Security Audit designation. Preferred certifications: CIA, CRISC, CGEIT, CISSP, CISM, CCSP, ISO 27001, AWS/Azure/GCP security or architecture certifications, CDMP, CIPT/CIPM/CIPP, ISO 27701.
Related Experience: 10+ years of progressive experience within the Financial Services Industry. Solid Information Technology (IT)/Information Security (IS) audit and/or similar management experience in a regulated financial institution. Strong experience leading audits of information technology, information security, data management, and project management, in conformance with IIA Standards. Excellent understanding of risk management and related governance concepts, tools, techniques and best practices gained from practical financial services experience. Strong command of at least three of the following: ITGCs, cybersecurity operations, cloud security/governance, data governance/quality/privacy, SDLC/DevSecOps, AI/ML governance/model risk.
Skills: Strong understanding of the Bank’s risk tolerance, risk management, and risk assessment activities. Technical auditing proficiency in a regulated financial services environment, including strong analytical risk assessment and problem‑solving skills. Ability to counsel and advise on complex risk situations. Excellent communication, decision‑making, time management, negotiation, and influencing skills. Demonstrates teamwork, cross‑unit cooperation, and information integrity and reinforces organizational values. Solution‑focused and takes initiative ensuring personal and team work effectively and efficiently within established guidelines. Ability to lead a strategic and progressive approach to provide value‑added recommendations to leaders across the Bank.
Benefits
• Award‑Winning Culture. • Work‑Life Balance with a hybrid work model. • Generous vacation based on role, statutory holidays, and 6 wellness days. • Competitive base salary plus an annual incentive bonus tied to performance. • Robust health and dental coverage through Manulife and virtual healthcare through Dialogue. • Group Retirement Savings Plan with up to 7% employer match. • Discounts from top retailers via WorkPerks; location‑based perks like gym memberships and Toronto Bike Share. • On‑site fitness: gym access at London and Montreal offices. • Education Assistance Program and Fairstone Academy for training and skill development. • Parental leave top‑up program. • One paid volunteer day to give back to causes that matter.
What you can expect – pay & process
Expected base salary range is $125,000 – $150,000, plus the opportunity to earn an annual incentive bonus tied to performance. This posting is for an existing vacancy within the organization. Artificial intelligence may be used in parts of the recruitment process. All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire.
EEO Statement
Fairstone is an equal opportunity employer. Accordingly, we will make reasonable accommodations to respond to the needs of people with disabilities. Individuals who view themselves as Aboriginals, members of visible minorities, and disabled are encouraged to apply in confidence.
Job Type
Full time; Permanent.
#J-18808-Ljbffr- ...seeking a highly accomplished, strategic leader to serve as Director, Internal Audit. As the organization’s head of Internal Audit, the role is accountable... ...risk perspectives, strengthening oversight, and supporting informed decision-making across Toronto Hydro. This is a...SuggestedLong term contractLive InWork at officeRemote work2 days per week
- ...by helping shape a best-in-class global Internal Audit function. The Internal Audit Professional... ...effective use of audit tools and technology, and delivers programs across quality assurance... ...Practice & Enterprise Initiatives, the Director will lead a team responsible for advancing...SuggestedFull timeWork at officeImmediate startWorldwideFlexible hours
- ...connected future through world-class networks, AI-powered solutions, and digital... ...why we equip our teams with cutting-edge technology, AI tools, and a collaborative environment... ...business success. Summary The Internal Audit team is seeking a highly motivated Senior...SuggestedLong term contractFull timeWork at office3 days per week
$100k - $205k per year
...subject matter experts through mentoring and on the job coaching -- What will your typical day look like? As Senior Manager, Internal Audit, you will manage a diverse team of talented consultants and senior consultants, coaching them to their highest potential while...SuggestedPermanent employmentFlexible hours$102.64k - $153.96k per year
...most complex legal matters. GRC Analyst, Information security The Role The information security GRC analyst, reporting to the Director Information Security GRC, will support... ...security compliance, security governance, and internal controls. This role will contribute to...SuggestedFull time$57k - $102k per year
...We are seeking a motivated Security Specialist to join our cybersecurity... ...: EDR/MDR focused technologies: CrowdStrike, Microsoft Defender... ...Degree in Computer Science, Information Security, or related field, or... ...human screening combined with AI technology to help identify...Permanent employmentFlexible hours- ...selves to work. Here, you’ll find opportunities to learn, lead, and make an impact every day. POSITION OVERVIEW: As an Analyst, Internal Audit and Compliance at RioCan, you will play a critical role in ensuring the integrity and effectiveness of our internal controls, risk...Permanent employmentFull time
- ...place. Job Description The Information Security Lead provides cybersecurity expertise across... ...requirements are considered in new technologies and projects. As a senior member of the... ...of PCI DSS compliance activities and audits. KEY ACCOUNTABILITIES Strategic...Full timeFlexible hours
$55k - $65k per year
Overview Languages English Education Bachelor's degree Computer technology/computer systems technology Experience 2 years to less than 3 years Hybrid Work must be completed both in person and remotely. Benefits Health benefits Dental...Permanent employmentFull timeRemote work- ...sizes to explore, design, and implement AI strategies that are secure, scalable, and human-centered. We... ...security mandate: you must secure our internal operations, embed security directly into... ...to shape how an entire category of technology gets secured. We're not asking you to...Full timeFor contractorsInternshipRemote workDay shift
$69k - $114k per year
...architect comprehensive network security solutions tailored to meet... ...cybersecurity trends, threats, and technologies to proactively enhance our... ...• Conduct regular security audits and assessments to ensure... ...degree in Computer Science, Information Technology, or a related field...Permanent employmentRemote workFlexible hours$55 - $65 per hour
...Information Security Analyst (AI / First Line of Defense) Take part in meaningful technology and security initiatives focused on cloud environments, information risk, and AI governance. This role offers a mix of strategic and hands-on responsibilities in a collaborative...Hourly payPermanent employmentFull timeContract workMonday to friday- ...CIBC.com What you'll be doing You’ll be joining CIBC’s Information Security Risk Services team. You’ll be on the front lines of building... .... You seek out innovative solutions and embrace evolving technologies. You can easily adapt to new tools and trends. You have a...Full time3 days per week1 day per week
$69k - $114k per year
...like? We are seeking a hands on Cloud Security Lead who excels at deep technical... ...teams. Research and interpret Deloitte internal information security standards, translating policy... ...operations. About the team Deloitte Technology works at the forefront of technology development...Permanent employmentRemote workFlexible hours- ...behind the brands you love in cutting-edge technology solutions, partnering with some of the... ...landscape, our leadership relies on Internal Audit to objectively evaluate risk management... ...with no prior history or background. Security & Infrastructure Oversight: Conduct IT...Local areaRemote workWorldwideShift work
$30 - $50 per hour
...competitive advantage. Cresta’s unified AI platform combines... ...team as AI Quality Assurance Interns . This is a hands-on role... ...quality assessment Model output auditing Light prompt testing and... ...candidates' personal and financial information through fake interviews and...Hourly payInternshipWork at office- ...organizations of all sizes to explore, design, and implement AI strategies that are secure, scalable, and human-centered. We believe AI should... ...labs. Systems that run. We need a Managing Director of Technology to own the technical side of the house as we scale Human...Full timeFor contractorsInternshipRemote work
- ...Thomson Reuters is building the AI platform that will power the... ...decade of tax, accounting and audit products, including CoCounsel... ...and provide trusted, unbiased information to people all over the world.... ...experience with consideration given to internal equity. Base pay is one part...Long term contractFull timeWork at officeLocal areaFlexible hours2 days per week3 days per week
- ...kind of bank because we knew technology had the power to transform... ...may be based in one of our international offices (such as Sydney or Toronto... ...to join our growing cyber security function. This role will be... ...Go and/or Java. ~ A Cyber/Information Security related degree and/...WorldwideVisa sponsorshipWork visaFlexible hours
$38 - $43 per hour
...is leading the industry on cutting-edge AI technology, revolutionizing performance expectations... .... We are hiring an Applied AI Intern to work within our People Operations and... ...will have direct and/or indirect access to information, systems, or technologies subject to these...Permanent employmentInternshipWork at officeImmediate start$140k - $260k per year
...like? The Global Data Platform Director role is a unique role that... ...to enable scalable analytics, AI, and data-driven decision-making... ..., ensuring data is a trusted, secure, and accessible enterprise... ...Act as platform ambassador to internal/external customers (business units...Long term contractPermanent employmentWork at officeImmediate startRemote workFlexible hours$140k per year
Our client is a multi-national metals and mining giant looking to add to their team on a full time bases a Manager, Internal Audit. If you are looking for your next opportunity this is a great role working for a terrific person in one of Canada's top rated employers. This is...Permanent employmentFull timeWork at office3 days per week$155k - $165k per year
...company. They are looking for a Director Finance to join their team!... ...Why Work Here Strong internal growth opportunities across Finance... .../productivity and acts as an information service provider, ensuring... ...ensure efficient review and audit execution; Oversee the...Work at officeLocal area- ...detail-oriented and analytical intern to support our Product... ...the Global Catalogue/Product Information Management (PIM) initiative and... ...with large datasets, leverage AI tools to improve efficiency, and... ...Conduct competitor research and audits, collecting, organizing, and analyzing...InternshipLocal areaWorldwide
$160k - $180k per year
...General Information Job Title: Director of Sales (Technology Delivery) Location: Toronto, ON (Onsite/Hybrid) Job Type: Full-Time Reporting Line: Chief... ...client relationship, shaping a solution, or building internal capability, your decisions have visible impact. We...Long term contractFull timeContract workLocal areaRemote workFlexible hours- ...complexity—aligning business ambition with technology execution to unlock real, lasting change.... .... We design and implement scalable, secure, high-impact technology solutions that accelerate... .... Role Summary As a Technical Director, you will provide strategic technology...Permanent employmentFull time
- ...is leading the industry on cutting-edge AI technology, revolutionizing performance expectations... ...contributors of all seniorities. At Tenstorrent, interns don’t just write code—they help shape the... .... Build performance analysis tools to inform compiler and runtime design....Permanent employmentInternship
- ...here . What you’ll do You will build the next generation of internal AI coding tools and platforms, to massively accelerate Stripe’s... ...demonstrated ability to use large datasets to pick out user insights and inform product development. Product engineer - demonstrated ability...
$140k - $260k per year
...Architecture vision across Global Deloitte Technology services and Member Firm environments •... ...aligned to business priorities, analytics, and AI enablement goals • Ensure alignment with... ...across platforms • Partner with Security and Compliance teams to co-develop enterprise...Permanent employmentRemote workFlexible hours$140k - $175k per year
...excited by the opportunity to secure products used by millions of professionals... ...You will also lead our Secure AI program for AI-powered... ...and provide trusted, unbiased information to people all over the world.... ...with consideration given to internal equity. Base pay is one part...Full timeWork at officeLocal areaFlexible hours2 days per week3 days per week
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Director, Internal Audit - Technology, Information Security, and AI. Be the first to apply!
- manager internal audit Toronto, ON
- director internal audit Toronto, ON
- audit manager Toronto, ON
- audit director Toronto, ON
- technology manager Toronto, ON
- manager information technology Toronto, ON
- director information technology Toronto, ON
- information director Toronto, ON
- sports information director Toronto, ON
- records manager Toronto, ON
