×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Project Manager

Manager IT Security Governance Risk Compliance

Job in Laval, Province de Québec, H0A, Canada
Listing for: Sonepar Canada
Full Time position
Listed on 2025-12-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Project Manager
Salary/Wage Range or Industry Benchmark: 80000 - 100000 CAD Yearly CAD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Manager IT Security Governance Risk Compliance

1 day ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Sonepar Canada is an independent family-owned company with global market leadership in the business-to-business distribution of electrical, industrial and safety products and related solutions. In Canada, we are represented by 9 locally managed electrical and industrial distributors and have over 100+ locations with coverage in 8 provinces.

We are a proud member of the Sonepar Group, the world's largest privately-held electrical distributor. The Sonepar Group is present in more than 40 countries with over 45,000 employees.

To explore and learn more about Sonepar opportunities, please visit

What’s In It For You?

  • You will be joining a market leader with over 40 years of experience to help you elevate your potential.
  • You will be working for the world's #1 privately held business to business distributor of electrical products and related solutions.
  • A chance to get involved in the forever growing electrical industry.
  • We house the largest inventory to better service our customers and deliver on sales commitments.
  • An opportunity for career development across many business departments within our organization.

Scope of the Position:

The Manager, IT Security, Governance, Risk and Compliance (GRC) is responsible for designing, implementing, and maintaining enterprise IT security programs and governance frameworks across the organization. This individual ensures cybersecurity posture, risk management practices, and regulatory compliance are embedded into all IT operations and business processes. Working cross-functionally, this role oversees security controls, audit readiness, risk assessments, policy development, and vendor compliance while fostering a culture of cybersecurity awareness.

Major Responsibilities:

  • Lead the development and implementation of IT policies, procedures, and controls in line with standards (e.g., ISO 27001, NIST, SOC
    2)
  • Manage IT security operations, including vulnerability management, incident response, and access controls
  • Conduct risk assessments and plan mitigation measures across applications, infrastructure, vendors, and data processes
  • Oversee audit preparation and responses, ensuring alignment with internal and external compliance frameworks
  • Guide the implementation of governance tools, GRC dashboards, and risk monitoring mechanisms
  • Collaborate with Legal, Finance, Operations, and HR teams to support privacy, ethics, and compliance initiatives
  • Promote cybersecurity training, awareness, and education among users
  • Support business continuity and disaster recovery planning from a risk and security perspective

IT Governance & Policy Management:

  • Develop, implement, and maintain IT governance frameworks aligned with business objectives, organization-wide
  • Ensure IT strategy and initiatives comply with internal and external regulatory requirements
  • Maintain governance framework documentation and ensure alignment with corporate objectives
  • Lead IT risk assessments to identify potential threats and vulnerabilities
  • Develop and implement mitigation strategies to strengthen security and operational resilience
  • Oversee risk treatment plans and coordinate risk management activities with other departments
  • Collaborate with internal audit teams to ensure effective IT risk management practices

Regulatory Compliance & Audit Preparation:

  • Ensure compliance with standards (ISO 27001, NIST, PCI-DSS, GDPR, SOX, HIPAA)
  • Conduct audits, identify gaps, and ensure corrective actions are implemented
  • Prepare and present reports on compliance, risks, and mitigation strategies
  • Maintain relationships with regulatory bodies, external auditors, and stakeholders

Incident Response & Business Continuity:

  • Develop and improve business continuity and disaster recovery plans
  • Ensure incident response protocols are followed
  • Provide recommendations for continuous improvement of IT security and resilience
  • Coordinate with security teams to assess impact and recovery strategies during incidents

Requirements:

  • Bachelor’s degree in Information Security, Information Technology, or related field; CISM, CISSP, or CRISC…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search