Job Specifications
Location: Ottawa, ON – Hybrid (3 days per week on-site)
Contract Duration: 12 months with possibility of extension
Work Schedule: 40 hours/week, Monday–Friday (9:00 AM–5:00 PM)
Target Start Date: February 2, 2026
Pay Rate: $51.50/hour
Job Title: Senior Compliance Officer
Position Summary
The Senior Cloud Services Compliance Officer is responsible for leading and overseeing cybersecurity compliance initiatives across assigned Cloud Services. This role focuses on managing complex internal and external audits, customer security and compliance assessments, regulatory compliance, and internal security and privacy programs.
Working closely with senior leadership, cross-functional teams, and external stakeholders, the Senior Compliance Officer ensures adherence to internal policies, industry standards, and regulatory requirements across multiple jurisdictions. This role also contributes to the strategic direction of compliance practices, driving continuous improvement and strengthening risk management within Cloud Services operations.
Key Responsibilities
Cybersecurity Compliance & Audit Management
Act as the primary point of contact for all compliance and audit activities related to assigned Cloud Services.
Lead engagements with internal and external auditors, including regulatory bodies, internal audit teams, and third-party auditors.
Support the development, implementation, and ongoing maintenance of cybersecurity compliance programs aligned with corporate objectives and regional regulations.
Audit Strategy & Execution
Plan, prepare, and execute internal and external audits, ensuring compliance with corporate policies, industry standards, and regulatory requirements.
Develop and implement proactive, risk-based audit strategies aligned with business priorities and continuous improvement objectives.
Risk Management & Control Enhancement
Lead risk management initiatives and enhance security controls for assigned Cloud Services.
Support and improve Change Management, Business Continuity Planning (BCP), and Disaster Recovery (DR) controls in alignment with corporate standards and regulatory best practices.
Maintain governance, risk, and compliance documentation, including ISMS (ISO 27001) and ISO 27017/27018 mandatory artifacts.
Policy Development & Process Improvement
Support the development, review, and implementation of cybersecurity compliance policies, standards, and procedures.
Drive improvements to compliance workflows to enhance audit readiness, operational efficiency, and risk mitigation.
Global & Regulatory Compliance
Collaborate with cross-functional teams to assess and address cybersecurity and privacy requirements across regions.
Support global compliance initiatives, ensuring awareness of evolving cybersecurity and data privacy regulations (e.g., GDPR, CCPA) and compliance with cross-border data transfer requirements.
Advisory & Stakeholder Engagement
Provide cybersecurity compliance guidance to sales, presales, product management, and other business units, including support for RFPs, RFIs, and customer security questionnaires.
Serve as a trusted advisor on complex compliance and security matters, recommending risk mitigation and process improvements.
Engage directly with customers to address compliance inquiries and support trust-building initiatives.
Monitoring & Reporting
Oversee continuous monitoring of compliance programs to ensure ongoing effectiveness.
Prepare and present compliance reports to senior management, highlighting audit outcomes, risk exposure, and remediation status.
Minimum Qualifications
7+ years of experience in cybersecurity compliance, preferably within cloud services environments.
Demonstrated experience leading internal and external audits, including risk assessments and remediation efforts.
Strong knowledge of information security standards and frameworks, including ISO 27001, ISO 27017/27018, SOC 2, FedRAMP, CSA, PCI DSS, and data privacy regulations (e.g., GDPR).
Solid understanding of cloud platforms and security fundamentals (AWS, Azure, GCP).
Strong communication and stakeholder management skills, with experience engaging senior leadership, auditors, and regulators.
Preferred Qualifications
7–10 years of experience in cybersecurity compliance, risk management, or information security, ideally in cloud or SaaS environments.
Professional certifications such as CISA, CISM, CRISC, or equivalent.
Advanced expertise in compliance standards and frameworks (ISO 27001, SOC 2, PCI DSS, GDPR, NIST).
Proven leadership in managing complex audits and cross-functional initiatives.
Excellent written and verbal communication skills, with the ability to translate complex technical findings for non-technical audiences.
Strategic mindset with a focus on risk mitigation, continuous improvement, and alignment with business objectives.