Manager, Security Compliance

5 Months ago • 5 Years +

Job Summary

Job Description

The Manager, Security Compliance is responsible for developing, implementing, and managing Wave’s security compliance programs. This role ensures adherence to regulations, standards, and internal policies, mitigating risks and protecting sensitive information. Responsibilities include developing compliance programs, risk assessment and auditing, project planning and coordination, training and awareness, policy management, incident management and reporting, stakeholder collaboration, and vendor and third-party management. The role requires leading the Security Risk Management team for automation and engineering-led thinking, monitoring emerging regulations and industry trends.
Must have:
  • 5+ years of related professional compliance experience.
  • Bachelor’s degree in Computer Science or related field.
  • Proven experience in security compliance management.
  • Advanced knowledge of AICPA SOC 2, SOX, NIST CSF, HIPAA, GDPR and/or ISO 27001.
  • Experience leading internal and/or external audits.
  • Experience implementing automated compliance workflows.
  • Strong understanding of Amazon AWS and SaaS platform.
  • Flexible in daily hours.
  • Ability to prioritize and track multiple projects.
Perks:
  • Work from home or office in Toronto.
  • Learning experiences, educational allowances, and mentorship.
  • Health & wellness benefits.
  • Fair compensation and office perks.

Job Details

We believe small businesses are at the heart of our communities, and championing them is worth fighting for. We empower small business owners to manage their finances fearlessly, by offering the simplest, all-in-one financial management solution they can't live without.

The Manager, Security Compliance is responsible for developing, implementing, and managing Wave’s security compliance programs. This role ensures that Wave adheres to relevant regulations, standards, and internal policies, mitigating risks and protecting sensitive information.

    • Compliance Program Development: Design, implement, and maintain the organization’s security compliance frameworks. Establish policies and procedures to ensure adherence to applicable laws, regulations, and standards (e.g., AICPA SOC2, SOX, NIST CSF, HIPAA, and PCI-DSS).
    • Lead the Security Risk Management team for automation and engineering-led thinking for security control assessment, evidence collection, and summary reporting.  Monitor emerging regulations and industry trends to update compliance strategies.
    • Risk Assessment and Auditing: Conduct regular risk assessments to identify compliance gaps. Plan and oversee internal and external security audits. Collaborate with stakeholders to address findings and implement corrective actions.
    • Project Planning and Coordination: Define project scope, goals, and deliverables aligned with IT and cybersecurity objectives. Develop detailed project plans, including timelines, resource allocation, and budgets. Collaborate with IT, security teams, cross functional teams and external vendors to ensure project alignment.
    • Training and Awareness: Develop and deliver training programs to educate employees on security and compliance requirements. Promote a culture of compliance and security awareness across the organization.
    • Policy Management: Draft, review, and update security policies, standards, and guidelines. Ensure documentation is current and aligns with industry best practices and legal requirements.
    • Incident Management and Reporting: Oversee compliance-related incident investigations and resolution. Ensure timely reporting of security incidents to regulatory bodies as required.
    • Stakeholder Collaboration: Act as a liaison between departments, including H&R Block (Wave owner), IT, legal, and executive leadership, to ensure cohesive compliance efforts. Provide regular updates and reports on compliance status and risks to senior management.
    • Vendor and Third-Party Management: Assess and monitor third-party vendors to ensure compliance with security requirements. Establish and enforce contractual compliance obligations.

You Thrive Here By Possessing the Following:

    • 5+ years of related professional compliance and controls program experience.
    • Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
    • Proven experience in security compliance management or a similar role.
    • Advanced level knowledge of AICPA SOC 2, SOX, NIST CSF, HIPAA, GDPR and/or ISO 27001.
    • Experience leading internal and/or external audits, working as the liaison between auditors and the business.
    • Experience implementing automated compliance workflows.
    • Strong understanding of Amazon AWS environment and SaaS platform. Comfortable working with both deeply technical and non-technical resources.
    • Flexible in daily hours (e.g. willingness to work longer hours during end of quarter and peak periods, and audit).
    • Ability to prioritize and track multiple projects and tasks in parallel.
At Wave, you’re treated like the incredible human being you are. 

Work From Where You Work Best: We will always have a welcoming, energizing, and world-class office (in Toronto) with a space for you. Or, if you’re more comfortable working from home, the choice is yours.
We Care About Future You: You will stretch yourself and you will grow at Wave. You will also be supported on this journey with diverse learning experiences, educational allowances, mentorship, and so much more.
We Support the Full You: We make a serious investment in your health & wellness. When we think about benefits we think about body, mind, & soul and we take this stuff very seriously. 
We Take Care of the Fundamentals: Fair compensation, all the office perks you’d want, and the various goodies you’d expect from a growing tech company. This is the obvious stuff, but we don’t want you to think we forgot!

We believe that a diverse and inclusive culture creates the best workplace. We embrace our differences, value individuality, and the broad spectrum of every Waver's skills and abilities. We challenge each other from a place of respect and pursuit of continuous growth. We trust each other and encourage everyone to bring their authentic selves to work, everyday. As Wavers, our voices matter, our opinions are met with an open mind. The best ideas win, no matter whose they are.  Contributing to an inclusive culture is a part of all of our job descriptions. 

We’ve been continuously recognized as one of Canada's Top Ten Most Admired Corporate Cultures and one of Canada’s Great Places to Work in categories including Technology, Millennials, Mental Health, Inclusion and Women.  

Are you ready to be a Waver? Join us!

Similar Jobs

USE Insider - Management Trainee for Chief Revenue Officer | Revenue Operations Team

USE Insider

Istanbul, İstanbul, Türkiye (On-Site)
9 Months ago
DevRev - Designer - Brand, Marketing & Web

DevRev

London, England, United Kingdom (Remote)
3 Months ago
Media ocean - Vice President, Partnerships Business Development

Media ocean

New York, New York, United States (Hybrid)
9 Months ago
Sonar Source - Partner Manager

Sonar Source

United Arab Emirates (Remote)
6 Months ago
USE Insider - Senior Security Engineer - Blue Team

USE Insider

Istanbul, İstanbul, Türkiye (Remote)
5 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

dun bradstreet - Account Executive II, TMT Vertical, West

dun bradstreet

United States (On-Site)
1 Month ago
DevRev - Demand Generation Content Writer

DevRev

Chennai, Tamil Nadu, India (On-Site)
2 Months ago
ISS Stoxx - Senior Python Full Stack Developer

ISS Stoxx

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Diligent Corporation - Senior Partner Sales Manager

Diligent Corporation

Dubai, Dubai, United Arab Emirates (Hybrid)
2 Months ago
Postman - IT Systems Administrator

Postman

Boston, Massachusetts, United States (On-Site)
1 Month ago
Mindtickle - SDE III - COE-ML

Mindtickle

Bengaluru, Karnataka, India (Hybrid)
3 Months ago
Granicus - Enterprise Local Government Sales Director - Central

Granicus

United States (Remote)
1 Month ago
NCR Voyix - Threat Analyst

NCR Voyix

Gurugram, Haryana, India (On-Site)
1 Month ago
Cognite - Senior Front-end Engineer

Cognite

Bengaluru, Karnataka, India (Hybrid)
9 Months ago
Dialpad AI - CX Enablement Technical Trainer

Dialpad AI

Pasig, Metro Manila, Philippines (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Toronto, Ontario, Canada

TransUnion - Sr. Application Developer

TransUnion

Burlington, Ontario, Canada (Hybrid)
2 Months ago
Kano studios - Game Developer (Unity)

Kano studios

British Columbia, Canada (Remote)
1 Month ago
Epic Games - Desktop Platform Programmer, Fortnite Tech

Epic Games

Vancouver, British Columbia, Canada (On-Site)
3 Months ago
Rockstar Games - Graphics Programmer

Rockstar Games

Oakville, Ontario, Canada (On-Site)
4 Months ago
Autodesk - Software Development Manager

Autodesk

Toronto, Ontario, Canada (Hybrid)
2 Months ago
Resolver - Account Executive

Resolver

Toronto, Ontario, Canada (Hybrid)
1 Month ago
Autodesk - FinOps Engineer

Autodesk

Toronto, Ontario, Canada (Hybrid)
2 Months ago
Electronic Arts - Advanced Data Analyst, UGX

Electronic Arts

Vancouver, British Columbia, Canada (Hybrid)
4 Months ago
Sika Group - Merchandiser

Sika Group

Edmonton, Alberta, Canada (On-Site)
1 Month ago
ISG - Principal Consultant, Digital Sourcing Solution

ISG

Toronto, Ontario, Canada (Remote)
2 Months ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Toronto, Ontario, Canada (Remote)

Canada (Remote)

Canada (Remote)

Toronto, Ontario, Canada (Remote)

Canada (Remote)

Toronto, Ontario, Canada (Remote)

Toronto, Ontario, Canada (Remote)

Toronto, Ontario, Canada (Remote)

View All Jobs

Get notified when new jobs are added by WaveApps

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug