Senior IT Security Engineer at NEAR Foundation leading information security program and compliance initiatives. Partnering with IT teams for secure architectural design and risk management.
About the role
- Findings and Remediation specialist handling audit/compliance findings in Cyber Governance & Compliance team. Collaborating with IT, Finance, and auditors to improve control maturity.
Responsibilities
- Own and operate the enterprise findings and remediation program across all IT (intake, triage, assignment, due dates, status cadence, evidence validation, and closure)
- Establish and enforce a consistent remediation methodology (root cause analysis, corrective action design, milestones, risks/dependencies, and closure criteria)
- Lead cross-functional remediation governance (weekly/bi-weekly operating cadence), including escalations and executive-ready reporting
- Ensure remediation plans are realistic and control-effective (fix the control, not just the symptom) and coordinate validation readiness for re-testing
- Maintain a single, accurate view of compliance commitments and progress (52-109-related gaps, internal audit/external audit findings, self-assessment results, management action plans)
- Track and report key program metrics (aging, overdue, theme analysis, repeat findings, control failure trends) and propose targeted improvement initiatives
- Partner with IT control owners to improve operational discipline (ticket quality, evidence retention, SOP adherence) and reduce friction during audits
- Contribute to continuous improvement of standards, templates, and tooling to make remediation work repeatable and scalable (and reduce manual effort)
- Be a key element in our Automation and AI implementation plan.
Requirements
- University degree in information systems, business, cybersecurity, or any combination of equivalent education and experience
- Minimum 3 years of relevant experience in technology risk, audit remediation, IT compliance, or complex cross-functional program management
- Demonstrated experience managing audit or compliance findings and driving remediation to closure in an IT environment
- Solid understanding of IT processes and control concepts (access, change, operations, SDLC fundamentals) and familiarity with compliance frameworks/norms (e.g., 52-109; ISO 27001; familiarity with other industry norms such as SOX is an asset)
- Strong stakeholder management skills with the ability to challenge constructively and drive accountability across multiple IT teams
- Strong analytical skills and ability to synthesize complex status into clear, decision-ready reporting
- Highly organized, detail-oriented, and comfortable working with deadlines, ambiguity, and changing priorities
- For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.
- No Canadian work experience required; however, must be eligible to work in Canada.
Benefits
- Flexible work arrangements and a hybrid work model
- Possibility to purchase up to 5 extra days off per year
- Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
- Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
- Our pension offerings provide flexibility and long-term security for our employees beyond their careers.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Bilingual Security Director for International SOS driving revenue growth of health security subscription services in Canada. Supporting consulting, training, and managed services with trusted client relationships.
Program Manager driving complex engineering projects within the Product Security organization at CrowdStrike. Collaborating cross - functionally to ensure timely delivery of security solutions across product portfolios.
Security Engineer focused on matching technology opportunities with customer business objectives at Tenable. Delivering technical presentations and driving successful customer engagements in cybersecurity solutions.
Business Development & Capture Lead for Global Spatial Technology Solutions driving revenue growth in defence sector. Engaging senior stakeholders and leading proposal development across global markets from a remote location.
IT & Security Specialist managing IT operations, security, and infrastructure for Senstar, a leader in security technology. Hands - on role blending end - user support, cybersecurity, and infrastructure management.
HR Systems Security Specialist responsible for design, configuration, and administration of security within Workday and SAP. Collaborating with HR and stakeholders to ensure effective access design and compliance.
Cybersecurity advisor working within the DCYB to develop IT security measures. Collaborating with teams to fortify cybersecurity posture and ensuring data protection for citizens.
Consultant in remuneration and occupational health and safety at the Quebec Federation of Municipalities. Ensuring employee needs match organizational requirements and promoting a safe work environment.
Cybersecurity Administrator providing operational support for compliance activities in information security. Assisting vendor risk management, audit coordination, and vulnerability tracking.