Location:
Toronto
Address:
100 Queens Quay East Toronto Ontario M5E 1V3 Canada
Job Title:
Director Technology Governance Risk & Compliance
Canada Goose isn't like anything else. We've built something great, something special - an iconic lifestyle brand with an inspirational and authentic story. At the heart of it is our promise to inspire and enable all people to thrive in the world outside. To Live in the Open. At Canada Goose, you're part of a movement that belongs to something bigger. One that seeks out the restorative power of nature and is driven by a purpose to keep the planet cold and the people on it warm. We endure any condition, observe every detail and are building a community that believes in living bravely and coming together to support game-changing people.
Here, opportunities are everywhere - to try something new, to learn, to do meaningful and impactful work, and they're yours for the taking.
Position Overview:
The Director of Technology GRC is responsible for overseeing and maturing the organization's governance, risk and compliance programs across IT and cybersecurity. This includes leading IT SOX control oversight, cybersecurity governance practices, vendor risk assessments and vulnerability management. The role will also partner with Legal, technology and business stakeholders to operationalize privacy frameworks and ensure alignment with regulatory and policy requirements.
What You'll Do:
- IT SOX Compliance
  - Manage the execution and lifecycle of IT SOX controls, including annual scoping, testing, remediation and reporting.
  - Lead oversight of access management controls, role-based access and periodic access reviews for in-scope applications and infrastructure, while driving continuous improvement in access governance processes.
  - Partner with internal and external auditors to ensure smooth audit cycles and timely issue resolution.
- Cybersecurity Governance
  - Establish and maintain cybersecurity policies, risk frameworks and governance practices aligned with standards such as NIST CSF and ISO 27001.
  - Monitor and report on control effectiveness and risk posture across the enterprise.
  - Ensure controls are effectively implemented across on-premises, hybrid and cloud environments (e.g. AWS, Azure, SaaS platforms).
- Vendor Risk Management
  - Lead third-party risk assessment processes to evaluate technology vendors and service providers.
  - Collaborate with procurement and business owners to mitigate vendor-related security risks.
- Vulnerability Management Oversight
  - Coordinate with infrastructure and application teams to ensure timely remediation of identified vulnerabilities.
  - Review vulnerability data to identify systemic issues and drive long-term improvements.
- Privacy and Legal Collaboration
  - Partner with Legal and Compliance teams to implement and maintain privacy controls aligned with applicable laws (e.g. GDPR, CCPA).
  - Support intake, coordination and fulfillment of Data Subject Access Requests (DSARs), working across technical and business teams to ensure compliance.
  - Provide risk and control input into new initiatives and third-party engagements that involve personal or sensitive data.
- Leadership and Stakeholder Engagement
  - Lead cross-functional risk discussions and influence risk-aware decision-making.
  - Mentor junior team members and contribute to a strong, accountable GRC culture.
Let's Talk About You:
- Qualified candidates must hold an undergraduate degree in information systems, information technology, accounting/finance or other relevant program
- At least 10 years of IT audit, IT compliance or similar experience required
- At least 5 years of supervisory experience
- At least one of CISA, CIA, CPA, CISSP, CRISC, CDPSE, CIPP or other relevant IT or Information Security designation is required
- Thorough knowledge of IT auditing, regulatory requirements and security standards such as SOX, COBIT, COSO, NIST CSF, GDPR
- Experience in retail, manufacturing and supply chain is an asset
- Experience working with and managing offshore service providers to deliver SOX testing
- Experience in working with COSO and IT COBIT framework
- Experience with Bill 198 and/or SOX certification
- ERP experience with MS Dynamics 365 and AuditBoard an asset
- Exceptional written and verbal communication skills for drafting and presenting results to senior management
- Proven project management skills
What's in it For You
- A company built on Canadian roots and heritage
- Your work is recognized with a comprehensive and competitive Total Rewards Program
- Opportunities for career growth through numerous internal and external programs
- Recognize and be recognized by your peers with our Goose Rewards & ICON Rewards
- Be a part of CG Gives. Donation matching and paid volunteer time to help the organizations you care about
- Access to tools and resources to support physical and mental health, embracing change and connecting with colleagues
- Inspiring leaders and colleagues who will lift you up and help you grow
We believe in the power of inclusion and are passionate about building and sustaining an inclusive and equitable working environment where all employees can bring their authentic selves to work every day. We believe every one of our team members enriches our diversity by exposing us to varying ways to understand the world, identify challenges and to discover, design, produce and deliver great products and service. Our different perspectives are what enable us to create, dream and live in the open.
Canada Goose is an equal opportunity employer and is committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act.
There are multiple ways to interview with us! If you require any interview accommodation for your interview, please e-mail us at.
Required Experience:
Director