FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Auditor, IT Risk and Compliance
Canadian Bank Note Company, LimitedAuditor for IT Risk and Compliance in Corporate Information Systems at Canadian Bank Note Company. Develop, deliver, and manage compliance and risk programs and activities while conducting audits and assessments.
Tech Stack
Tools & technologiesCyber Security
About the role
Key responsibilities & impact- Develop, deliver and manage compliance and risk programs and activities
- Conduct Audits and perform comprehensive internal audits aligned with recognized frameworks (ISO/IEC 27001, ISO 14298, PCI DSS, SOC 2, CIS Controls etc.)
- Prepare detailed reports on audit findings, update registers, and highlight areas of concern
- Present findings to senior management and compliance committees
- Ensure IT systems and procedures comply with industry standards and regulations such as ISO-27001, PCI, and SOC 2
- Create internal policies and procedures to meet emerging or evolving standards
- Participate in the maintenance of ongoing risk management program following CBN standard procedures
- Identify and evaluate risks collaborating with stakeholders and SMEs
- Document identified risks and communicate them to relevant stakeholders
- Provide subject-matter guidance to business and technology teams
- Oversee the implementation of corrective actions to ensure compliance issues are resolved effectively
- Continuously seek ways to improve processes and methodologies
Requirements
What you’ll need- Bachelor’s degree in Information Systems (or similar) or equivalent combination of relevant education and additional relevant work experience
- Certification and/or demonstrable knowledge/experience in compliance frameworks including ISO 27001:2022 and PCI-DSS v4.0+
- Working knowledge of industry recognized threat and risk management methodologies and frameworks
- Comprehensive knowledge of Unified Compliance Frameworks and GRC tools
- Thorough knowledge of current security trends, threat vectors and cyber security threats
- 3+ years of experience in a relevant auditing, compliance and/or risk role
- Experience in cybersecurity, corporate security, or highly regulated organization
- Experience in developing and delivering compliance and risk assessments, creating, and presenting reports to management and liaising with external auditors
- Legally eligible to work in Canada
- Fluent in English (speak, read, write)
- Able to obtain (in a timely manner) and maintain Government of Canada Secret (Level II) security clearance
- Able to travel 2-6 weeks/year
Benefits
Comp & perks- health, medical and life insurance benefits
- defined contribution pension plan with company matching
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Compliance Program DevelopmentInternal AuditingRisk AssessmentReport PreparationPolicy CreationThreat ManagementCybersecurity KnowledgeISO/IEC 27001 FrameworkCIS ControlsSOC 2 Compliance
Soft Skills
Effective CommunicationStakeholder CollaborationProblem-SolvingProcess ImprovementPresentation Skills
Certifications
ISO 27001 CertificationPCI DSS Certification