IT Compliance, Senior Analyst

IT Compliance, Senior Analyst

At Interac, we design and deliver products and solutions that give Canadians control over their money so they can get more out of life. But that’s not all. Whether we’re leading real-time money movement, driving innovative commerce solutions like open payments for transit systems, or making advancements in new areas like verification and open banking, we are playing a key role in shaping the future of the digital economy in Canada.

Want to make a lasting impact amongst a community of creative thinkers, problem solvers, technical virtuosos, and high-performance application developers? We want to hear from you.

Collaborating with the Leader, Business and Information Security Office (BISO) & IT Compliance Management, you will engage with internal and external stakeholders to maintain and enhance the audit, regulatory, and contractual compliance activities of the organization. A key initiative will be maintaining the company’s ISO 27001 Certification.

This role will involve a mix of stakeholder management, risk management/tracking, training, and documentation development.

You'll be responsible for: 

• Preparing and maintaining a risk register to track, identify, and remediate gaps found during project, system, and software lifecycles through internal/external audits, security risk assessments or security reviews. This also includes tracking any associated risk acceptances and/or exceptions.

• Creating reporting to measure the effectiveness of the technical controls that can be used to propose compensating controls accordingly

• Enhancing and maintaining established compliance risk assessment frameworks.

• Proactively contributing to compliance initiatives, providing technical and business advice, as well as insight into management processes.

• Aligning and refining Information Security policies and standards with industry best practices, pertinent regulations and standards bodies (ISO 27001/2, PCI DSS. CIS, NIST Series)

• Building compliance aware business units by communicating and guiding the implementation of established security processes and requirements.

• Reviewing documents and architecture diagrams to determine risks to the organization

• Collaborating with stakeholders at all levels to make informed, risk-based recommendations that enhance the compliance posture of the organization, products, and services.

• Weighing operational needs against security concerns to help guide the business to make practical and informed risk decisions

• Leveraging expertise in Information Security Management (ISM) to facilitate the completion of security assessments and compliance audits involving a mix of internal and external/third-party stakeholders.

• Training internal and external stakeholders on their compliance and/or regulatory requirements to help ensure successful audits and legal reviews.

• Serving as a key interface with external and internal auditors for compliance related activities

• Creating and updating technical documentation to support compliance efforts in line with company policies.

• Working alongside internal teams to ensure that that effective business continuity plans (BCPs) and Disaster Recovery Plans (DRPs) are in place and maintained.

• Keeping abreast of changes to industry best practices and cybersecurity risks to ensure our internal practices are current.

You bring:

• A degree in Computer Science, Information Security, Business or equivalent work experience.

• Additional relevant Certifications would be an asset - ITIL V4 Foundation Cert. in ITSM, COBIT, CRISC, CISSP.

• Over 7+ years of IT, and/or non-financial risk management experience (governance, operations, audit, control functions, compliance, risk management).

• You have led the ongoing management of a Governance Risk and Compliance Tool (GRC Tool)

• Strong and proven leadership capabilities in communication, coaching, influence, negotiation and conflict resolution

• Knowledge or understanding of Risk / Control frameworks (ITIL, ISO, COBIT, NIST,PCI).

• You have demonstrable ability to balance contesting or conflicting goals of various stakeholders through maturity, negotiation and project management, as well as governance skills.

• Knowledge of global banking practices including related systems, procedures, regulations.

• Extensive capabilities in PowerPoint, Excel, data analytics and visual dashboarding.

• Eligibility to work for Interac Corp. in Canada in a full-time capacity.

Interac requires employees to complete a background check that is completed by one of our service providers.  We use this service to complete the following checks:

• Canadian criminal record check;
• Public safety verification;
• Canadian ID cross-check;
• 5-year employment verification;
• Education verification; and
• If applicable, Credit Inquiry and Social Media Check

How we work
We know that exceptional people have great ideas and are passionate about their work.  Our culture encourages excellence and actively rewards contributions with:
Connection: You’re surrounded by talented people every day who are driven by their passion of a common goal.
Core Values:  They define us. Living them helps us be the best at what we do.
Compensation & Benefits: Pay is driven by individual and corporate performance and we provide a multitude of benefits and perks.
Education: To ensure you are the best at what you do we invest in you