Talent.com
Fairstone Bank
Director, Internal Audit - Technology, Information Security, and AIFairstone Bank • Toronto, Ontario
Director, Internal Audit - Technology, Information Security, and AI

Director, Internal Audit - Technology, Information Security, and AI

Fairstone Bank • Toronto, Ontario
30+ days ago
Salary
CA$125,000.00 yearly
Job type
  • Full-time
Job description

Who we are:

Fairstone Bank and its family of brands are united in delivering innovative, accessible and reliable financial solutions that enable Canadians to reach their goals. Over the years, our brand family has grown. In 2024, Home Trust Company, Home Bank and Oaken Financial became part of the Fairstone Bank family of brands, alongside Fairstone, Eden and Fig.

Together, we are the leading alternative lending bank in Canada. We have the collective experience and expertise to better serve our customers and foster our partners’ growth. With a diverse suite of products—residential and commercial mortgages, consumer deposits and GICs, credit cards, retail and automobile financing, personal loans and digital lending—we offer financial solutions tailored to all Canadians, including newcomers, small-business owners, smart investors and savvy consumers.

Backed by nearly a century of lending experience through its legacy companies, Fairstone Bank and its brand family are proud to be Canada’s leading alternative lending bank.

About the role:

The Director, Internal Audit – Technology, Information Security, and AI leads the planning and delivery of risk-based audits and advisory work across the Bank’s technology and digital risk domains. This role provides independence assurance over technology risks across ITGCs, cybersecurity governance, cloud governance, data management, AI, and technology operations. The Director is expected to exercise independent authority and credible challenge with senior technology leaders including the Chief Technology Officer (CTO) and their leadership team ensuring that technology risks, control gaps, and remediation commitments are appropriately identified, debated, and addressed.

The role requires sufficient technical knowledge and professional competence to engage in difficult, sometimes adversarial conversations with technology leadership, while maintaining a constructive, respected, and independent relationship. Co‑sourced SMEs may support deep technical assessments; however, the Director must independently interpret results, synthesize risk implications, and challenge management where standards or practices are insufficient.

Responsibilities:

Risk Assessment & Strategy Planning (20%)

  • Own and maintain the technology audit universe for core domains: Technology Strategy, Data, and AI, Technology Integration, Software Engineering, Digital Services, Technical Services & Performance, Technology Operations, and Information & Cyber Security.
  • Maintain awareness of technological changes in both external and internal environments including trends in risk management practices and regulatory expectations, and changes in business activities to perform quarterly risk assessments for the technology audit entities within the Internal Audit Universe.
  • Lead the annual technology risk assessment, identify appropriate audits to be included in the annual audit plan and help develop the Plan for the Audit Committee approval.
  • Identify emerging risks within the Technology audit portfolio (e.g., cyber threats, cloud adoption, data privacy), monitor these risks to determine their impact, and assess changes needed for the annual audit plan or planned audits. Incorporate changes as appropriate.

Audit Plan Execution and Delivery (50%)

  • Oversee execution and end‑to‑end delivery of all audit projects within the Technology audit universe, ensuring all documentation and audit reports are complete, and projects are appropriately and effectively staffed. Coordinate use of co-sourced technical experts for deep cyber/cloud/AI testing where needed.
  • Lead opening and closing meetings, ensuring audit project planning is appropriately completed, reviewing audit working papers, and preparing/reviewing draft internal audit report for each project. Review control design and effectiveness using industry frameworks (NIST CSF, ISO 27001, COBIT).
  • Deliver balanced and insightful reporting to the Chief Internal Auditor and Audit Committee on technology risk posture, themes, and systemic gaps.
  • Oversee remediation/closure of IT audit findings, OSFI findings including tracking closure to due dates, the validation of findings with management, ensuring appropriate responses are received, and appropriate quality assurance practices are followed.
  • Provide independent advice during major technology initiatives (policy& standards enhancements, modernization, cloud migration, data platform enhancements) from governance and risk lens and collaborate with stakeholders to embed controls early.

Leadership & Stakeholder Management (20%)

  • Develop and maintain independent and influential relationships with senior technology stakeholders, including the CTO, CISO, Data & Privacy leadership, and enterprise risk partners (i.e., ERM, ORM, Compliance).
  • Develop and maintain working relationships with the Bank’s external auditors to support their direct assistance and or audit reliance model.
  • Demonstrate the authority, credibility, and technical understanding necessary to challenge technology decisions, risk acceptances, and control deficiencies especially in areas where management believes risks are mitigated.
  • Facilitate difficult discussions with technology leadership by articulating risk impacts, regulatory expectations, and control considerations in a clear and authoritative manner.
  • Lead a team of IT audit professionals with a mix of internal capabilities and co-sourced specialists.
  • Mentor team members to deepen expertise in ITGCs, cyber governance, and foundational cloud/data risks.

Standards, Methodology & Tools (10%)

  • Ensure all technology audit work adheres to the Global Internal Audit Standards (GIAS) and Internal Audit methodology. Contribute to annual review of audit practices and methodology against relevant benchmarks.
  • Map controls to recognized frameworks as appropriate: NIST CSF/800-53, ISO 27001/27701, COBIT, CIS Controls, CSA CCM, PCI DSS (if applicable), and applicable privacy regulations. Recommend changes to audit processes, methodology and reporting to improve effectiveness.
  • Champion continuous improvement, agile auditing methods, and data-driven audit techniques (CAATs, automation, scripts, and continuous monitoring).
  • Promote tooling: GRC, ticketing/ITSM (e.g., ServiceNow), CI/CD, CSP native security tooling, CSPM/CWPP, SIEM/SOAR, data lineage/governance tools, and model monitoring platforms.

    What we’re looking for:

    Formal Education:

    • University degree in information systems, Computer Science, Engineering, Accounting, or related field.
    • Certified Information Security Audit designation.
    • Certifications in the following are preferred:
    • Audit: CIA, Risk: CRISC, CGEIT, Security: CISSP, CISM, CCSP, ISO 27001
    • Cloud: AWS/Azure/GCP security or architecture certifications
    • Data/Privacy: CDMP, CIPT/CIPM/CIPP, ISO 27701

    Related Experience:

    • 10+ years of progressive experience within the Financial Services Industry.
    • Solid Information Technology (IT)/Information Security (IS) audit and/or similar management experience in a regulated financial institution.
    • Strong experience leading audits of information technology, information security, data management, and project management, in conformance with IIA Standards.
    • Excellent understanding of risk management and related governance concepts, tools, techniques and best practices gained from practical financial services experience.
    • Strong command of at least three of the following: ITGCs, cybersecurity operations, cloud security/ governance, data governance/quality/privacy, SDLC/DevSecOps, AI/ML governance/model risk.

    Skills:

    • Strong understanding of the Bank’s risk tolerance, risk management, & risk assessment activities.
    • Technical auditing proficiency in a regulated financial services environment, including strong analytical risk assessment and problem-solving skills.
    • Ability to counsel and advise on complex risk situations affecting the organization, within the context of audit assignments, including recommendations on related risk management.
    • Excellent communication, decision making, time management, negotiation, and influencing skills.
    • Leads and demonstrates knowledge, teamwork, cross-unit cooperation and information and consistently demonstrates and reinforces organizational values.
    • Solution-focused and takes initiative ensuring self and team work effectively and efficiently within established guidelines.
    • Ability to lead a strategic and progressive approach to provide value-added recommendations to leaders across the Bank.

    What you’ll love about working here:

    • Award-Winning Culture: We’re proud to be recognized as a and one of by Canada’s Top 100 Employers.
    • Work-Life Balance: Enjoy flexibility with our hybrid work model designed to support your lifestyle.
    • Time to Recharge: Generous vacation based on your role, statutory holidays, plus 6 wellness days to prioritize your well-being.
    • Compensation Package: Competitive base salary plus an annual incentive bonus tied to performance.
    • Comprehensive Benefits: Robust health and dental coverage through Manulife, as well as virtual healthcare through Dialogue.
    • Future-Ready Savings: Group Retirement Savings Plan with up to 7% employer match.
    • Exclusive Perks: Discounts from top retailers via WorkPerks, plus location-based perks like gym memberships and Toronto Bike Share.
    • On-Site Fitness: Gym access at our London and Montreal offices.
    • Continuous Growth: Education Assistance Program and Fairstone Academy for training and skill development.
    • Family Support: Parental leave top-up program to help you during life’s big moments.
    • Community Impact: One paid volunteer day to give back to causes that matter to you.

    What you can expect - pay & process:

    • Expected base salary range is $125,000 - $150,000, plus the opportunity to earn an annual incentive bonus tied to performance.
    • This posting is for an existing vacancy within our organization.
    • Artificial intelligence may be used in parts of the recruitment process.
    • All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire.

    If what you read excites you, we’d like to hear from you! Please submit your application and we’ll contact you if you become selected for first stages of the interview process.

    Learn more:

    Create a job alert for this search

    Director, Internal Audit - Technology, Information Security, and AI • Toronto, Ontario

    Similar jobs

    Lead Technology Director in Securities Settlement

    ScotiabankToronto, ON, CA
    Full-time

    Drive innovation in Securities Technology as Lead Director.Spearhead efforts in Settlements and Clearing, ensuring compliance while leveraging modern tech solutions in a hybrid environment.You will... Show more

     • Promoted

    Information Security Consultant

    CONFLUX SYSTEMSMarkham, York Region, CA
    Full-time

    This request is to on-board resource for Application security team focusing on threat modelling, security architecture.Work with application teams and complete threat model.Develop and deliver secu... Show more

     • Promoted

    Senior Director, Cybersecurity & Risk Management

    Staples CanadaRichmond Hill
    Full-time

    The Senior Director, Cybersecurity & Risk Management is responsible for designing, governing, and executing the enterprise-wide security and risk strategy that protects company assets, data, custom... Show more

     • Promoted

    Director of Internal Control

    Boyd InteractiveToronto, ON, CA
    Full-time

    Reporting ultimately to the Audit Committee, and day‑to‑day to the CFO and CTO, the Director of Internal Audit is responsible for delivering internal audit functions across all disciplines – IT, Bu... Show more

     • Promoted

    Senior Actuary Director

    VIP Universal Medical Insurance Group (VUMI)Markham, York Region, CA
    Full-time

    The Senior Actuary Director for the Life & Investment Division is a key member of the actuarial team, responsible for ensuring the financial soundness, risk management, and profitability of the com... Show more

     • Promoted

    Senior Information Technology Project Manager

    NEOGOVnewmarket, on, ca
    Full-time

    This role is a CONTRACT & REMOTE from anywhere in Canada ***.Senior PMO Manager – Product Delivery(SaaS/Remote/Contract).NEOGOV is a proud SaaS leader in the Public Sector for HR, Recruiting, emplo... Show more

     • Promoted

    Director, Internal Audit - Technology, Information Security, and AI

    Fairstone BankToronto, Ontario, Canada
    Full-time +1

    Fairstone Bank and its family of brands.Canadians to reach their goals.Over the years, our brand family has grown.In 2024, Home Trust Company, Home Bank and Oaken Financial became part of the Fairs... Show more

     • Promoted

    Director of Internal Controls - AI-Enabled

    Heartland Coca-Cola Bottling Company, LLCToronto, ON, CA
    Full-time

    A leading beverage company in Toronto is seeking a Director of Internal Controls to establish and lead the internal controls function.The role focuses on ensuring compliance with laws and policies ... Show more

     • Promoted

    Lead Audit Director Driving Operational Excellence and Risk Management

    TDToronto, ON, CA
    Full-time

    Take charge as an Audit Director, leveraging your expertise to influence operational performance and risk mitigation.Deliver insightful audits and strategic recommendations to elevate business prac... Show more

     • Promoted

    Director, Identity & Security Product Management - C$118,000 - C$148,000 A Year

    MongoDBToronto, Canada
    Full-time

    Leads Identity and Security Product Management team, defines and drives product strategy for IAM and security functions, collaborating with stakeholders and engineering on roadmaps for MongoDB Atla... Show more

     • Promoted

    Innovative Mental Health Program Director

    Canadian Mental Health Association | York Region & South SimcoeAurora, York Region, CA
    Full-time

    Direct innovative mental health services as an impactful Program Director.Engage in community partnerships to foster program growth and ensure quality service delivery.This role involves leading th... Show more

     • Promoted

    Director, M&A

    Perseus Group, Constellation SoftwareMarkham, ON, CA
    Full-time

    Director of M&A, Homebuilder Solutions Portfolio.Perseus Group, Constellation Software is looking for a Director of M&A for its homebuilding and construction portfolio.This role will work closely w... Show more

     • Promoted

    Director- Operational Risk, Internal Audit & Compliance

    North Horizon Holdings Inc.Toronto, Ontario, Canada
    Full-time

    North Horizon is a Canadian family office with a global investment reach.We are value-oriented investors in public equities, fixed incomes, private equities, venture capital and real estate.We are ... Show more

     • Promoted

    Information Security Director Role at Indigo

    Indigo-Books-Toronto, ON, CA
    Full-time

    Become the Information Security Director at Indigo, focusing on establishing robust security strategies.This leadership role emphasizes compliance, risk management, and effective security operation... Show more

     • Promoted

    Senior Manager, Information Security Risk & Governance

    Onico SolutionsRichmond Hill, York Region, CA
    Permanent

    Senior Manager, Information Security Risk & Governance.The Senior Manager, Information Security Risk & Governance leads the Information Security Risk Management and Governance programs.Their main o... Show more

     • Promoted

    Director of Integrations for API Applications

    Accommodations Plus InternationalMarkham, York Region, CA
    Full-time

    Join API as the Director of Integrations, where you’ll lead enterprise-level technology deployment focused on enhancing client interactions.This role is both strategic and hands-on.In the Director ... Show more

     • Promoted

    Senior IT Auditor

    Amphenol Communications SolutionsMarkham, ON, CA
    Full-time

    Amphenol Communications Solutions (ACS), a division of Amphenol Corporation, is a world leader in interconnect solutions for Communications, Mobile, RF, Optics, and Commercial electronics markets.A... Show more

     • Promoted

    Senior IT Auditor

    Amphenol ICCMarkham, York Region, CA
    Full-time

    Amphenol Communications Solutions (ACS), a division of Amphenol Corporation, is a world leader in interconnect solutions for Communications, Mobile, RF, Optics, and Commercial electronics markets.A... Show more

     • Promoted

    Director, Ai - C$170,200 - C$178,200 A Year

    Safe SoftwareToronto, Canada
    Full-time

    Director of AI to lead strategic initiatives, integrate AI, and drive innovation across all divisions, reporting to the CEO. Show more

     • Promoted

    Senior AI Strategy & Foresight Architect

    Huawei CanadaMarkham, York Region, CA
    Full-time

    A leading technology firm in Canada is seeking a Senior AI Technology Strategy Expert.This role involves analyzing AI/ML developments and producing strategic insights to guide R&D efforts.The ideal... Show more