Compliance Manager overseeing compliance processes and frameworks for Data Security Services at Entrust. Ensuring DSS products meet or exceed industry standards and mitigate compliance risks.
Responsibilities
Ensure Entrusts Public Key Infrastructure Certificate Authority (PKI CA) products meet applicable compliance frameworks, customer contractual requirements, and emerging standards across multiple communities of trust.
Provide support as needed to ensure that other DSS products remain in compliance with the applicable frameworks, regulatory requirements and customer contractual requirements for each.
Escalate compliance issues that arise in production service environments to the Entrust Policy Management Authority (EPMA) while maintaining on-going ownership of the issues and supporting PA/EPMA direction through issue resolution.
Facilitate external auditor engagements, organize required compliance evidence, schedule required resources, submit required reports, and manage audit timelines.
Closely monitor and advise product and development teams on regulatory priorities and emerging PKI use cases from multiple communities of trust (e.g., financial services, healthcare, government).
Feedback and monitor requirements and/or requirements change for each community of trust to the internal teams, ensuring alignment with Entrust’s compliance strategy.
Represent Entrust and take the lead on standards body engagement, as directed.
Make recommendations and follow-up to mitigate compliance risks and drive continuous improvement.
Oversee and drive the end-to-end operational security compliance and audit programs for WTCA and other applicable frameworks.
Review and make recommendations on operational procedures to ensure they efficiently and effectively comply with all relevant requirements.
Contribute applicable metrics to product compliance scorecards.
Facilitate timely identification, communication, and recommended resolution of compliance risks.
Serve as the internal and customer-facing subject matter expert on compliance frameworks (including WTCA and others).
Advise customers and internal stakeholders on best practices, compliance, and audit processes across multiple standards.
Requirements
Associate or bachelor’s Degree
5+ years of security compliance or audit experience with various compliance frameworks (e.g., WTCA, Netsec)
Strong Governance, Risk Management and Compliance process experience
Ability to work cross functionally with leaders and team members across time zones and continents
Experience with internal controls, risk assessments, business processes and internal IT control testing or operational auditing
Excellent writing, analytical and problem-solving skills
Security clearance or ability to obtain a security clearance (preferred)
Prior experience with one or more of the following frameworks: NIST, FedRAMP, ISO, SOC 2, A-SIT, Common Criteria, DORA, eIDAS, ETSI, and NIAP (preferred)
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.
Senior Product Security Consultant at CENSUS LABS evaluating software security and threats. Responsible for validating security compliance and reporting on risks in complex systems.
Container Security Consultant needed for 12 - month contract with enterprise bank in Toronto. Must have strong container security experience with OpenShift, Docker, Kubernetes.
Technical Program Manager managing security programs aligned with security strategy at Guidewire. Collaborating with various stakeholders to enhance security maturity and efficiency.
Senior IT Architect specialized in Security & Networking infrastructure technologies leading architecture development for technology projects. Collaborating with multiple teams to ensure alignment with strategic objectives.
Director of IT Security leading the cybersecurity strategy for a remote workforce at Directive Consulting. Responsible for risk management, incident response, and compliance initiatives.
Senior Consultant in Cybersecurity for Wavestone managing client - facing engagements and providing strategic advisory services. Leading teams and business development in cybersecurity engagements with top organizations.
Senior Information Security Advisor needed for a 6 - month contract in Scarborough, ON. Provide security advisory, risk assessments, and cloud controls in banking.