Governance, Risk & Compliance, Lead

Who We Are

Every transaction matters. Every Canadian matters. At Interac, we protect both — driving trust, security, and inclusion, so our digital economy thrives.

Founded in 1984, Interac connects Canadians through secure digital payments, advanced identity verification and industry-leading fraud protection. Connecting banks, businesses, and individuals, Interac enables millions to send, receive, and manage money safely and effortlessly every day — across both digital and physical environments.

As the backbone of Canada’s financial ecosystem, Interac facilitates over 20 million transactions daily, supported by trusted partnerships with government and financial institutions. Consistently ranked as Canada’s most reputable financial technology brand, Interac is deeply embedded in the daily lives of Canadians.

Who You Will Work With

The vacant Governance Risk and Compliance, Lead is a key resource to ensuring Interac Corp. “Security First” principles are embedded in all environments.

Reporting to the Leader, Governance Risk and Compliance, the successful candidate will have knowledge of principles in security policies and standards and modern practices and a good understanding of security aspects of the various technologies. As a member a dedicated Information Security team, The Governance Risk and Compliance Lead works closely with senior leadership, team members and staff across Risk, Audit, Legal, HR, Fraud, Operations, and Infrastructure teams to ensure the organization is operating securely.

In this role, you are working with the various teams to maintain security risk posture of the organization. You want to know as much about the state of the environment as you can, and you can think outside the box when it comes to proposing solutions which will benefit the organization.

A key initiative will be maintaining ISO 27001 Certification.

What You Will Do

Expertise leading the implementation and ongoing management of the Governance Risk and Compliance Tool (GRC Tool) for Information Security

Preparing and maintain risk register that identifies gaps during project, system and software lifecycles through security risk assessments or security reviews and track risks for remediation

Reporting on and measure the effectiveness of the technical controls via security metrics.

Enhancing and maintaining the security risk assessment framework

Proactively contribute to security governance initiatives, providing technical and business advice, as well as insight on management processes

Aligning and refining Information Security policies and standards with industry best practices, pertinent regulations and standards bodies (ISO 27001/2, PCI DSS, CIS, NIST Series)

Developing security requirements matrix mapped to organization’s policies and standards

Prepare, track and maintain risk acceptances and security exceptions.

Leverage expertise in information security risk management to prepare and conduct security assessments for both planned initiatives and unplanned instances.

Examine and interpret requirement documents and architecture diagrams and determine security risks to the organization

Collaborate with senior leaders and make informed, risk-based recommendations to enhance the security posture of the organization, products and services

Weigh business needs against security concerns to help guide the business to make practical and informed risk decisions

Participate and support security related and serve as a key interface with external and internal auditors for security compliance related activities

Support development, enhancement, and socialization of the security awareness program

Create and update technical documents in line with company policies

Ensure that effective BCP/DR policies and plans are in place and maintained

Keep abreast of the cybersecurity threats and assess their potential impact to Interac’s posture

What You Bring

You have an excellent knowledge information security with Degree or Diploma in Information Technology and/or business, or combined relevant field experience and certifications CISSP, CISA, CRISC, CISM

You have 7+ years of experience working with or in Information Security, Information Security Governance, Security Risk Management in medium to large sized organizations

You have strong and proven leadership capabilities with communication, coaching, influence, negotiation and conflict resolution

You have experience implementing and managing a Governance Risk and Compliance Tool

You have experience with Information Security practice and processes including threat and risk assessments

You have experience managing risk throughout the risk lifecycle

You are highly motivated, and results oriented with an ability to handle high pressure situations with key stakeholders

You have strong service management and service delivery orientation

You have excellent presentation and communication skills and an ability to present complex information in a manner suitable for technical and non-technical audiences

You have working experience with Cybersecurity Frameworks and industry standards: ISO 27001/2, PCI DSS, CIS, NIST 800 Series.

You have knowledge of the security of cloud environments, vulnerability assessments, identity and access management

You have excellent knowledge in several areas of information security (domain knowledge)

Eligibility to work for Interac Corp. in Canada in a full-time capacity

What We’re Offering

The hiring range for this position is $115K-$130K, and you will also be eligible for our short-term incentive plan. The exact amount will depend on factors such as skills, experience, and job-related knowledge, but Interac’s commitment goes beyond compensation. Our Total Rewards package is designed to support your well-being and future, and includes:

Generous vacation and wellness days to help you recharge

Comprehensive employer-paid benefits coverage for peace of mind

Market-leading employer-funded RRSP program to invest in your future

Flexible hybrid work model for better work-life balance

Access to a free and confidential 24/7 employee & family assistance program to offer support for you and your immediate family

Pregnancy and parental leave top-up to support growing families

Charitable donation matching with United Way to amplify your impact

Why Join Us?

At Interac, the impact we make, and the people who drive it, is profound. When you become part of our team, you’re joining a purpose-driven organization that’s shaping the future of digital finance in Canada. Here’s what you can expect:

Investing in the Future – Help us unlock digital prosperity for all Canadians.

Innovative Thinking – Collaborate on products, practices, and platforms that redefine what’s possible.

Inclusive Culture – Be empowered to bring your whole self to work and realize your full potential.

Inspiring Community – Work in an ecosystem where we lift each other up and rise together.

Intentional Support – Enjoy flexible, supportive offerings that prioritize your total wellness.

Additional Pre-Employment Requirements

To ensure the integrity of our organization, successful candidates will be required to complete background checks, which may include, Canadian Criminal Credit Check, Canadian ID Cross-Check, Public Safety Verification, 5-year Employment Verification, Education Verification, Credit Check, and Social Media Check.

Equal Opportunity Employer

Interac is also an equal opportunity employer committed to fostering a diverse and inclusive workplace. We believe that innovation thrives when people from different backgrounds, experiences, and perspectives come together. That’s why we are committed to providing fair and equitable employment opportunities for all individuals, without discrimination based on race, color, ancestry, ethnic origin, place of origin, citizenship, creed, sex, sexual orientation, gender identity or expression, age, marital or family status, disability, or any other characteristic protected by applicable law.

If you require accommodation during any stage of the application or recruitment process, please contact us at ✉ Sign in to view email. We will work with you to meet your needs.

Please be aware that certain individuals are misusing Interac Corp.’s name and logo to promote fictitious employment opportunities. Interac Corp. never requests, solicits, or accepts any form of payment in exchange for employment. Any such offers are fraudulent and should be disregarded. Interac Corp. assumes no liability for any claims, losses, damages, expenses, or inconveniences arising from or related to these fraudulent activities. Such communications do not constitute an offer or representation by Interac Corp. or its subsidiaries and affiliates.