Senior IT Security Risk Specialist (18-month contract)

Embark on a journey with one of Canada's fastest growing companies – welcome to goeasy! We have been honored with recognitions such as Waterstone Canada’s Most Admired Corporate Cultures, the 2022 Report on Business Women Lead Here, Report on Business for Canada’s Top Growing Companies and TSX30 as one of the best performing companies on the TSX. We've also received the Greater Toronto Top Employers Award and certified as a Great Place to Work®. We're on the lookout for the best and brightest to join our team!

Our vision is to provide everyday Canadians a path to a better tomorrow, today.  As one of Canada’s leading non-prime consumer lenders, we offer a full suite of products including non-prime leasing, unsecured and secured loans as well as point-of-sale-financing though easyhome, easyfinancial, and LendCare.  

Join a team where you, as our new Senior IT Security Risk Specialist (18-month contract), will play a pivotal role in transforming our organization's security landscape. Reporting to the Senior Manager, Application Security & IT Risk Management, you'll collaborate with IT operational teams and various departments to communicate and implement IT risk, governance, and control strategies. You'll be the driving force in shaping our IT resilience strategy!

What will you be doing?

• Partner effectively with IT operational teams to create awareness of and communicate IT risk, governance, and control requirements.
• Collaborate with other departments (Internal Audit, Infrastructure, Development, Legal, HR, Finance, etc.) on cross-functional IT risk, governance, and compliance requirements.
• Gather and store artifacts to prepare for audits and support IT audit functions.
• Prepare IT risk-related presentations for senior management review.
• Follow up on action items from IT risk and audit meetings.
• Champion the collection of audit/compliance program responses and documentation.
• Assist in the coordination and documentation of the IT risk and compliance program libraries.
• Perform other duties as assigned.
• Have experience with PCI DSS, SOC2, and SOX/Bill 98 compliance.
• Manage Disaster Recovery/BCP framework.
• Perform IT control testing.
• Implement and manage an Enterprise IT Risk Framework.
• Implement and run an enterprise-wide vendor risk assessment program.
• Develop IT risk register templates and IT risk exemption forms.
• Conduct risk assessments.

What experience do you have?

• Technical designations such as CISA or CRISC.
• Bachelor’s or master’s degree in Information Security, Computer Science, or Business.
• Experience or interest in IT and/or audit with 8+ years of industry experience.
• Strong attention to detail, organizational skills, and time management.
• Ability to develop and manage relationships, and identify cybersecurity, IT controls, and governance opportunities that meet the organization’s needs.
• Ability to manage IT risk, governance, and control projects, meet deadlines, and manage stakeholder expectations.
• Strong collaborative qualities when working in a team and the ability to become a subject matter expert in a given IT risk, governance, and control field.
• Clear, articulate, and confident written and verbal communication skills, including client reports and presentations, papers, and articles.

We offer a Flexible Work Program that provides you the ability to work three days onsite per week, between our Mississauga and downtown Toronto office.

Internal Applicants: please apply through the link and provide written endorsement from your current manager.

Diversity, Inclusion, and Equal Opportunity Employment:
At goeasy, we believe that we can only be the best when people are able to bring their best selves to work every day. This means that we are committed to cultivating and preserving a work culture where we celebrate who we are, where everyone feels seen and heard and where every employee can fulfill their potential. As an equal opportunity employer, we are committed to providing accommodations for applicants upon request at any stage of the recruitment process in accordance with all legislative requirements throughout Canada. Please let us know if you require an accommodation during any aspect of the recruitment process and we will work with you to address your needs.

Additional Information:
All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire.  We thank all interested applicants, however we will only be contacting those for interview who possess the skills and qualifications outlined above.