Auditor, IT Risk and Compliance - Corporate Information Systems Group

Jobgether·Lever
CanadaFull-timePosted Jul 7, 2026
Apply

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Auditor, IT Risk and Compliance - Corporate Information Systems Group based in Canada.

As an Auditor, IT Risk and Compliance, you will play a key role in strengthening IT governance, cybersecurity, and compliance across a complex technology environment. Working remotely as part of the Corporate Information Systems team, you will help develop and manage audit, risk, and compliance programs while collaborating with technical and business stakeholders. This position offers the opportunity to assess security controls, support regulatory compliance, and contribute to continuous process improvement using industry-leading frameworks. You will provide expert guidance on risk management, participate in security initiatives, and help ensure critical systems remain secure and compliant. This is an excellent opportunity for an analytical professional who enjoys solving complex challenges and making a meaningful impact on enterprise-wide information security practices.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Auditor, IT Risk and Compliance - Corporate Information Systems Group based in Canada.

As an Auditor, IT Risk and Compliance, you will play a key role in strengthening IT governance, cybersecurity, and compliance across a complex technology environment. Working remotely as part of the Corporate Information Systems team, you will help develop and manage audit, risk, and compliance programs while collaborating with technical and business stakeholders. This position offers the opportunity to assess security controls, support regulatory compliance, and contribute to continuous process improvement using industry-leading frameworks. You will provide expert guidance on risk management, participate in security initiatives, and help ensure critical systems remain secure and compliant. This is an excellent opportunity for an analytical professional who enjoys solving complex challenges and making a meaningful impact on enterprise-wide information security practices.

Accountabilities:

    • Plan, execute, and report on internal IT and cybersecurity audits using recognized compliance frameworks such as ISO 27001, PCI DSS, SOC 2, CIS Controls, and other industry standards.
    • Develop detailed audit plans, document findings, assess corrective actions, and present audit results and recommendations to management and governance committees.
    • Monitor organizational compliance with applicable regulatory requirements and industry frameworks while maintaining and enhancing internal control frameworks and policies.
    • Participate in enterprise IT risk management activities by identifying, assessing, documenting, tracking, and reporting technology and cybersecurity risks.
    • Collaborate with business stakeholders and subject matter experts to evaluate compliance gaps and recommend practical, risk-based improvements.
    • Support investigations of security incidents, contribute to root cause analysis, and provide technical guidance on compliance and security-related initiatives.
    • Advise project teams during the implementation of new controls and compliance frameworks while ensuring alignment with organizational and regulatory requirements.
    • Monitor corrective action plans, promote continuous improvement initiatives, and enhance audit methodologies, governance processes, and risk management practices.
    • Requirements

      • Bachelor's degree in Information Systems, Information Technology, Cybersecurity, or a related field, or an equivalent combination of education and relevant professional experience.
      • Minimum of 3 years of experience in IT auditing, IT risk management, compliance, cybersecurity, or a similar role within a regulated environment.
      • Strong knowledge of compliance frameworks such as ISO 27001:2022, PCI DSS v4.0+, SOC 2, and related governance, risk, and compliance standards.
      • Working knowledge of threat and risk assessment methodologies, cybersecurity principles, and Governance, Risk, and Compliance (GRC) tools.
      • Experience conducting compliance assessments, developing audit reports, presenting findings to management, and collaborating with external auditors.
      • Strong understanding of current cybersecurity threats, security trends, and control frameworks.
      • Professional certification such as CISA, BSI Internal Auditor, PECB Internal Auditor, ISC2, GIAC, SANS, or an equivalent credential is considered an asset.
      • Additional experience with frameworks such as ISO 14298, FedRAMP, CSA, CSA STAR, or NASPO is preferred.
      • Excellent analytical thinking, organization, communication, stakeholder management, and collaboration skills.
      • Fluent English language skills are required; Spanish language proficiency is considered an advantage.
      • Must be legally eligible to work in Canada, able to obtain and maintain Government of Canada Secret (Level II) security clearance, and willing to travel approximately 2 to 6 weeks per year.
      • Benefits

        • Permanent, full-time remote position based in Canada.
        • Competitive compensation package.
        • Comprehensive health, medical, and life insurance coverage.
        • Defined contribution pension plan with employer matching.
        • Opportunity to work on enterprise-level IT risk, cybersecurity, and compliance initiatives.
        • Collaborative and inclusive work environment that supports professional growth and continuous learning.
        • Exposure to a wide range of industry-leading compliance frameworks, governance programs, and security projects.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free