Manager, Compliance – Regulatory Complaints
RBC
GRC Lead
WELL Health Technologies Corp. (TSX: WELL)
full-time
Posted on:
Location: 🇨🇦 Canada
Visit company websiteJob Level
Senior
Tech Stack
Cyber Security
About the role
- Oversee WELLSTAR’s ISO 27001 ISMS and SOC 2 Type 2 control framework, ensuring readiness for audits, collecting evidence, and tracking remediation
- Establish and continuously improve policies, processes, and GRC practices
- Own compliance onboarding process for newly acquired entities, designing and executing 12-month roadmaps
- Perform gap analyses, risk assessments, and maturity evaluations, and define remediation plans with business unit leaders
- Maintain the GRC risk register, coordinate internal control testing, and support third-party risk reviews
- Track and present GRC KPIs and compliance metrics to leadership, creating dashboards
- Support awareness campaigns, facilitate employee training, and foster a culture of compliance
- Monitor changes in regulatory requirements and industry trends
- Report directly to the Business Information Security Officer and partner with leaders across nine companies
Requirements
- 8+ years preferred in GRC, compliance, risk management, or IT audit
- Demonstrated success implementing ISO 27001 and SOC 2 Type 2 programs across multi-entity environments
- Deep familiarity with governance and compliance frameworks
- Experience with GRC tools such as Anecdotes, Vanta, Drata, OneTrust, or LogicGate
- Relevant certifications (CISA, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor) are an asset
- Experience working cross-functionally with senior stakeholders in business, legal, IT, and security
- Strong written and verbal communication skills
- Detail-oriented, proactive, and ownership-driven mindset
- Candidates must be based in Canada
- Legal eligibility to work in Canada (question in application)
