Findings & Remediation Senior Security Advisor, Cyber Governance & Compliance

Pay at Intact is about much more than just salary.

• Flexible work arrangements and a hybrid work model

• Possibility to purchase up to 5 extra days off per year

• Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more

• Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)

Salary range (but not limited to):

101,800 - 124,400

Annual bonus target, based on the base salary, with a potential payout of up to double the target (subject to personal and company performance):

12%

As part of our commitment to Win As A Team, we share our success with employees through our annual bonus plan and Employee Share Purchase Plan (ESPP) – with Intact matching 50% of your net shares.

Our pension offerings provide flexibility and long-term security for our employees beyond their careers. We are one of the few companies offering the opportunity to receive guaranteed income for life via our defined benefit pension plan.

Salary for the candidate will be determined taking into consideration a number of factors including: experience, skills, qualifications, anticipated contribution to role, internal equity, etc. The salary range presented above is based on a 35-hour workweek and would represent a majority of different candidate profiles. However, we encourage candidates who may fall outside of this range to apply as well.

About the role

We’re looking for a Findings and Remediation specialist to join our Cyber Governance & Compliance team and help scale our governance program across the IT structure.

This role will own the end-to-end lifecycle of audit/compliance findings and remediation commitments, ensuring consistent execution, strong accountability, and measurable reduction of repeat findings. You will partner with IT teams, Finance stakeholders, and auditors to drive delivery and improve control maturity in support of 52-109 and other applicable norms (e.g., ISO 27001).

What you'll do here:

• Own and operate the enterprise findings and remediation program across all IT (intake, triage, assignment, due dates, status cadence, evidence validation, and closure).

• Establish and enforce a consistent remediation methodology (root cause analysis, corrective action design, milestones, risks/dependencies, and closure criteria).

• Lead cross-functional remediation governance (weekly/bi-weekly operating cadence), including escalations and executive-ready reporting.

• Ensure remediation plans are realistic and control-effective (fix the control, not just the symptom) and coordinate validation readiness for re-testing.

• Maintain a single, accurate view of compliance commitments and progress (52-109-related gaps, internal audit/external audit findings, self-assessment results, management action plans).

• Track and report key program metrics (aging, overdue, theme analysis, repeat findings, control failure trends) and propose targeted improvement initiatives.

• Partner with IT control owners to improve operational discipline (ticket quality, evidence retention, SOP adherence) and reduce friction during audits.

• Contribute to continuous improvement of standards, templates, and tooling to make remediation work repeatable and scalable (and reduce manual effort).

• Be a key element in our Automation and AI implementation plan.

What you bring to the table:

• University degree in information systems, business, cybersecurity, or any combination of equivalent education and experience.

• Minimum 3 years of relevant experience in technology risk, audit remediation, IT compliance, or complex cross-functional program management.

• Demonstrated experience managing audit or compliance findings and driving remediation to closure in an IT environment.

• Solid understanding of IT processes and control concepts (access, change, operations, SDLC fundamentals) and familiarity with compliance frameworks/norms (e.g., 52-109; ISO 27001; familiarity with other industry norms such as SOX is an asset).

• Strong stakeholder management skills with the ability to challenge constructively and drive accountability across multiple IT teams.

• Strong analytical skills and ability to synthesize complex status into clear, decision-ready reporting.

• Highly organized, detail-oriented, and comfortable working with deadlines, ambiguity, and changing priorities.

• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.

• No Canadian work experience required however must be eligible to work in Canada.

#LI-Hybrid

Il s'agit d'un nouveau rôle au sein de notre équipe en plein croissance | This role is a new member of our growing team.