Senior Manager, Cyber Security & Compliance

  • Job
    Full-time
    Senior Level
  • IT & Cybersecurity
  • Toronto

AI generated summary

  • You need 5+ years in Cybersecurity & IT Risk Advisory, 2+ years in project management, knowledge of Cybersecurity & Compliance areas, and understanding of IT Audit & Compliance standards.
  • You will lead a team in developing and implementing cybersecurity and compliance programs, communicating risks to stakeholders, managing audit findings, ensuring system compliance, and overseeing SOX documentation and testing.

Requirements

  • 5+ years of experience in Cybersecurity, leading at least one team, with a strong record of successfully delivering cybersecurity projects/programs and supporting day-to-day Cybersecurity Operations
  • 5+ years of experience in IT Risk Advisory or IT Controls & Compliance
  • 2+ years of project/program management experience
  • Strong knowledge and understanding of various areas of Cybersecurity and Compliance including Technology and Operations; Digital Identity & SAP Security; Data Classification, Protection, Third-Party Risk Management, Governance, Regulatory, & Compliance
  • Working knowledge of IT Audit, Risk Assessment, Cybersecurity, SOX compliance, GxP Compliance, SOC1, SOC2, ISO 27001.

Responsibilities

  • Leading a team across key regions, providing guidance, mentorship and support.
  • Supporting enterprise-wide regulatory compliance programs and building, operationalizing and supporting cybersecurity programs including developing and implementing strategies to identify, aggregate, and mitigate cybersecurity risks.
  • Communicating aggregated risk information and reports in a clear and understandable manner to key stakeholders (technical and non-technical)
  • Participating in Internal / External Audits and Inspections, and driving noted audit findings to proper remediation
  • Directing the remediation and repair of non-compliant systems, software, and technologies across the Brand.
  • Managing communications with key partners and stakeholders, including messaging of SOX IT objectives and requirements, managing request lists, and facilitating discussions on risk & controls.
  • Facilitating the walkthrough process with Management and various audit teams. Collaborating with IT partners to review SOX documentation (risk control matrices, narratives, flowcharts) and identify areas where control enhancements and/or documentation improvements are needed. Ensuring SOX documentation is accurate and reflects the current process.
  • Completing and/or reviewing SOX assurance testing for key general IT controls (GITCs/ITGCs), IT application controls (ITACs), and key reports (IPE) identified in the walkthrough process. Coordinating the testing approach and aligning expectations with internal & external auditors to ensure documentation and testing comply with industry standards (including PCAOB) and allow for reliance by the external auditors. Leveraging knowledge of SOX methodology and industry requirements to ensure thorough workpapers are maintained.
  • Assessing and gathering details for in-scope SOX systems and assisting in performing an annual SOX IT Risk, Scoping and Controls Assessment
  • Providing advisory support and, when required, assessing SOC 1 / SOC 2 reports to ensure appropriate controls are identified and operating effectively.

FAQs

What is the location of this position?

This position is based out of our Toronto Head Office in Liberty Village, offering the opportunity to work hybrid.

  • Industry: Retail & Consumer Goods
  • Employees: 1001-5000
  • Founded Year: 2013

Mission & Purpose

DECIEM is a humble and happy umbrella of good beauty brands like NIOD and The Ordinary. We’ve been called every good and bad thing you can think of like “the most thrilling thing to happen to skincare”, and “the hottest beauty company right now”. Over the past year, we’ve sold more than one product every second, opened the doors to our 35th store, and welcomed our 1000th employee. With many products in development, a new 70,000 square-foot HQ to call home, and plans for even further retail expansion, we are excited to do even bigger things in the near future.

DECIEM was founded in 2013 by “the beauty world’s most exciting disrupter”, Brandon Truaxe. During a four-month co-op at a skincare lab, he became angry at the lack of passion, transparency, or insight when beauty products were being developed. After selling his first software company, many years later, Brandon’s frustration at the beauty industry remained and he set off to make a change in the beauty business. That change is DECIEM and we’re working really hard to continue Brandon’s vision for a better world of beauty.

Everything we do is of exceptional quality. Today, quality is no longer defined by price points or distribution channels. Quality today means being authentic, being different, being functional, being beautiful, and being sensibly priced, even to the wealthy. And we respect these principles. We choose to serve the educated, the curious, and the intelligent who appreciate our dedication to this very genuine definition of quality.