Own and maintain the enterprise IT controls framework aligned to NI52-109 and other applicable norms (e.g., ISO 27001, COBIT/ITIL), including control taxonomy, and evidence expectations.
Translate compliance requirements into practical, testable controls for key IT domains (e.g., identity and access management, change management, IT operations, backups, incident management, SDLC where applicable).
Develop and maintain control documentation (control narratives, procedures, evidence guides, control rationales) in partnership with IT control owners.
Lead control design assessments and walkthroughs with stakeholders; identify control gaps and propose remediation plans.
Define evidence standards and quality gates to improve auditability (what “good evidence” looks like, retention, consistency, traceability).
Coordinate and support audit activities (internal and external): walkthroughs, responses, testing support, and closure packages.
Maintain a strong working relationship with Finance stakeholders for IT control topics that support financial reporting and disclosure obligations under NI52-109.
Support the evolution of the control environment (rationalization, standardization, and continuous improvement) and proactively propose new best practices and technologies where valuable.
Support on compliance Regulatory inquiries, reviews

University degree in information systems, accounting, finance, cybersecurity, or any combination of equivalent education and experience.
Minimum 5 years of relevant experience in IT controls, technology risk, internal audit/external audit, or compliance programs.
Strong knowledge of IT control domains (access, change, operations) and how to document and evidence controls in an audit context.
Experience supporting compliance obligations such as NI52-109 and familiarity with related frameworks/norms (e.g., ISO 27001, COBIT, ITIL; familiarity with other industry norms such as SOX is an asset).
Strong ability to write clear control documentation and influence control owners across IT (Applications, Infrastructure, Cloud, IAM, End-User, etc.).
Comfortable partnering with Finance, Internal Audit and External Audit; able to explain technical processes in business/audit language.
Excellent organizational skills and attention to detail; strong judgement and ability to prioritize.
Bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.

Flexible work arrangements and a hybrid work model
Possibility to purchase up to 5 extra days off per year
Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)

Cyber Governance & Compliance Specialist

Key skills