Develop, implement, and maintain Hudbay’s IT governance, risk, and compliance (GRC) program
Ensure that security policies and practices align with business objectives, industry standards, and regulatory requirements
Establish / maintain a formal IT governance framework
Draft, review, maintain and support creation of IT policies, standards, and procedures
Report on security metrics and program maturity to management
Ensure IT risks are identified, assessed, and managed
Conduct periodic IT risk assessments of systems, processes, and third parties
Maintain the IT risk register and track remediation plans
Ensure Hudbay meets its security compliance obligations
Act as the primary point of contact for internal and external IT audits
Monitor and report on compliance with security policies and standards
Coordinate remediation efforts for audit and compliance findings
Foster a security-conscious culture among all employees
Develop and manage the company-wide security awareness training program, including phishing simulations
Create and deliver targeted security communications and training materials.

Requirements

A bachelor's degree or diploma in Information Technology, Business, or a related field
IT security/governance certifications such as CISA, CRISC, CISM, or CISSP are preferred
3-5 years of experience in an IT audit, risk management, or governance role
Experience developing and implementing IT policies and standards
Strong knowledge of IT governance frameworks (e.g., COBIT, ISO 27001, NIST Cybersecurity Framework)
Experience with risk assessment methodologies
Familiarity with data privacy regulations (e.g., PIPEDA)
General understanding of network security, system security, and cloud technologies
Proficiency with Microsoft Office applications, particularly for documentation and reporting
2+ years of related experience
A+ Certification and Microsoft Certified Professional (MCP) designation preferred
Experience in a related role requiring timeliness, customer service, organization, prioritization, troubleshooting, and working independently to successfully install, configure, maintain, and support Windows desktop operating systems and software
Experience with ServiceNow ticketing system preferred but not required
Excellent written and verbal communication skills, with a strong ability to prepare reports and policy documentation
Strong interpersonal skills for collaborating with diverse teams, including legal, finance, and operations
Ability to work independently and manage multiple priorities
Valid Driver’s License is required
Highly organized with a strong project-oriented work ethic
Demonstrated diplomacy, confidentiality, and self-confidence.

Benefits

Annual performance bonuses
Health benefits for you and your family, with a health spending account
Company paid insurances for Life, Spousal and Dependent Life, AD&D, Critical Illness, and Short & Long Term Disability cover
A Defined Contribution pension that includes company contribution and additional matching of your voluntary contributions
An Employee Share Purchase Plan with contribution matching
A yearly Wellness Subsidy of up to CAD $1,000
Employee charity matching program for eligible charitable donations made by employees
Regular performance appraisals to acknowledge our employees for their contributions, strengths and work well done
Opportunity to work out of our Platinum Class A and Platinum BOMA BEST® Certified office building in Toronto’s South Core Business District

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

IT governancerisk managementIT auditIT policiesrisk assessment methodologiesnetwork securitysystem securitycloud technologiessecurity metricssecurity compliance

Soft skills

communication skillsinterpersonal skillsorganizationprioritizationtroubleshootingindependenceproject managementdiplomacyconfidentialityself-confidence

Certifications

CISACRISCCISMCISSPA+ CertificationMicrosoft Certified Professional