Governance, Risk and Compliance (GRC) Manager
Life at Samsung Ads
We are proud to build a world-class organization that thrives on collaborating closely, delivering quality and value in all that we do, breaking new ground and adapting quickly to a rapidly evolving industry. We are looking for a 12-month contract GRC Manager (internally identified as an ‘IT Security Compliance Manager’)!
As a 2023 “Montreal’s Top Employer”, we offer a hybrid work environment in Montreal and Toronto that is made easy for you with practical perks, commuting and lunch benefits.
- A competitive compensation package, including a performance based incentive plan
- A very generous and broad ranged personal & healthcare spending program
- 100% company-paid comprehensive health & dental coverage; you can choose the option(s) that best suits YOU
- Minimum 21 days of paid time off and so much more!
- Access to free learning and development opportunities
- Amazing discounts, tons of social activities and various other extras!
- Onboarding framework which ensures you’re set up for success from Day 1
- Giving back program which includes donation matching & volunteering including a paid volunteer day
If you wish to know more about us, please visit www.samsungads.ca.
About this role
The GRC Manager plays a key role in ensuring information security and compliance in the organization by being responsible for developing and maintaining thorough internal and external audits, the vendor due diligence program, and the security risk management program. In collaboration with relevant stakeholders, they develop, maintain and update all IT security related policies and control processes within the organization at a global scale.
- Perform continuous control monitoring of existing compliance programs (e.g., SOC 2) and work with internal teams to close control gaps.
- Conduct risk assessments and mature our risk management process; plan and manage several projects to meet compliance and security requirements.
- Facilitate the review of third-party vendors from a risk and compliance perspective; participate in responding to customer privacy inquiries and related security questionnaires.
- Maintain security compliance documentation and associated processes to enable scalable and consistent distribution of content to prospects and customers.
- Conduct and/or participate in regular compliance and security audits; develop and implement tools to support automated collection of the various security assessments.
- Act as an advocate for IT security and compliance within the organization; support the development and maintenance of security policies and procedures for compliance and share/educate internal teams on IT security best practices.
- 8+ years in security governance, IT audit, and compliance or related fields.
- Strong leadership and communication skills with an ability to establish partnerships and influence at all levels (including senior executives).
- Experience in supporting information security compliance programs either SOC2 or ISO 27001.
- Experience in developing and maintaining security policies and standards; applying your security and compliance knowledge along with risk standards, frameworks and best practices (e.g. ISO27K1, NIST, CIS, SOC:1-2, Cyber Essentials, GDPR).
- Understanding of security functions including Incident, Change & Vulnerability Management, Identity and Access Management (IAM) and Vendor Security Risk Management.
- Ability to manage and lead projects end to end and navigate calmly if faced with complex and unfamiliar situations.
Quebec Language Clause
This role requires the individual to work on global/large-scale projects and to regularly assist clients across Canada and the United States, as well as teams outside Québec; it therefore requires that the incumbent also be able to speak and write in English.
Diversity and inclusion
Samsung Ads is committed to working with the best and brightest people from the broadest talent pool possible. We believe a diversity of ideas fosters innovation and engagement, and allows us to attract the best people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply. If you need assistance, or have any questions during the application and recruiting process, please contact us at: email@example.com.