Compliance & Governance Specialist

Jobgether · Canada

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Compliance & Governance Specialist based in Canada.

This is a senior-level, high-impact role focused on shaping and sustaining enterprise-wide security, compliance, and governance programs across cloud and product environments. You will play a key role in strengthening audit readiness, reducing organizational risk, and improving operational resilience through scalable and automated control frameworks. The position involves close collaboration with engineering, security, legal, and AI-focused teams to embed compliance into daily workflows without slowing delivery. You will be responsible for driving multiple industry frameworks such as SOC 2, ISO standards, and emerging AI governance requirements. Operating with significant autonomy, you will own audit cycles, compliance roadmaps, and cross-functional remediation efforts. This is a remote-first role in Canada with broad organizational influence and exposure to leadership-level reporting.

Accountabilities:

Own and evolve enterprise security and compliance programs, including SOC 2 Type II, ISO 27001, ISO 42001, and related governance frameworks.
Lead end-to-end audit readiness activities, including gap assessments, control mapping, auditor coordination, evidence collection, and remediation tracking.
Translate regulatory and framework requirements into practical, scalable controls that can be implemented across engineering and product teams.
Drive automation of compliance evidence collection and support continuous audit readiness in collaboration with engineering teams.
Maintain ISMS and AIMS governance structures, including policy lifecycle management, scope definition, and control documentation.
Oversee internal audits, CAPA management, and ongoing certification maintenance while evaluating control effectiveness.
Collaborate cross-functionally with engineering, security, legal, and AI teams to embed compliance into SDLC and operational processes.
Manage vendor and third-party risk assessments, including due diligence, contractual alignment, and residual risk evaluation.
Produce compliance dashboards, KPIs, and executive reporting to support leadership decision-making and risk visibility.

Requirements:

5+ years of experience in information security, compliance, audit, or risk management, with strong hands-on SOC 2 Type II exposure.
Deep understanding of SOC 2 Trust Services Criteria and audit execution practices.
Experience working with ISO 27001 frameworks, ISMS operation, CAPA management, and certification maintenance.
Ability to assess control design and operational effectiveness, identify gaps, and drive remediation across teams without direct authority.
Strong communication skills with experience producing audit documentation, risk reports, and compliance dashboards.
Familiarity with cloud environments (especially Azure) and how infrastructure decisions impact compliance controls.
Nice to have: exposure to ISO 42001, AI/ML governance, responsible AI frameworks, or model risk management.
Nice to have: experience in regulated sectors such as utilities, government, or public services.
Relevant certifications such as CISSP, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor are an asset.

Benefits:

Competitive salary range of 95,000–100,000 CAD
Comprehensive medical, dental, and vision coverage from day one
Employee stock ownership and retirement savings matching programs (RRSP/401k)
3 weeks of vacation plus 5 personal days annually
Remote-first work environment across Canada
Lifestyle rewards and additional employee perks
Long-term career stability within a financially strong organization.

Apply →

Compliance & Governance Specialist

Accountabilities:

Requirements:

Benefits:

Other roles at Jobgether