This job is no longer available.

The original posting has expired, but this page is kept for context.

Pet Valu

Manager, IT Governance, Risk and Compliance

0001 – Markham Office | Posted 3 days ago
Full-time | Onsite

Job Description

Hybrid: Markham, Ontario

Position: Manager, IT Governance, Risk and Compliance

Type: Full-Time | Permanent | Hybrid  

Location: Markham, ON 

Reports to: Director, Security and Infrastructure, IT

Job Overview

The Manager, IT Governance, Risk and Compliance is the IT owner for ICFR, PCI-DSS, NIST Cybersecurity Framework (CSF) 2.0, and Third-Party Risk Management (TPRM). This hands-on leadership role delivers IT controls, evidence, remediation, policy governance, the IT Security Risk Register, and the full TPRM lifecycle while partnering with Finance, Payments, Security, Procurement, and Legal.

Essential Duties             

  • Act as the primary IT point of contact for internal and external audit partners on ICFR/ITGC, PCI-DSS, and NIST CSF 2.0 audits.

  • Own the IT General Controls (ITGC) portion of the annual ICFR program: scoping, documentation, evidence, walkthroughs, testing support, and remediation.

  • Manage the PCI-DSS IT compliance program (Requirements 1–12, A1–A3), including evidence, QSA support, and remediation.

  • Lead IT-side implementation and maturity of NIST CSF 2.0 across all six functions.

  • Develop, maintain, and govern all IT policies, standards, procedures, and process documentation aligned with ICFR, PCI, and NIST CSF.

  • Own and maintain the IT Security Risk Register (identification, assessment, treatment plans, monitoring, and reporting).

  • Lead the IT Third-Party Risk Management (TPRM) program: vendor risk assessments, due diligence, ongoing monitoring, contract reviews, scoring, and off-boarding for all technology and cloud vendors in scope for ICFR, PCI, or NIST.

  • Coordinate and deliver evidence and responses during internal/external audits and regulatory reviews.

  • Track and drive remediation of IT-related findings from audits and TPRM assessments.

  • Maintain centralized IT controls library and automated evidence repository.

  • Perform regular control self-assessments and continuous monitoring.

  • Report compliance status, risk register, and TPRM metrics to IT leadership, Finance, Procurement, and the Audit Committee.

  • Stay current on regulatory changes and translate them into actionable IT and vendor requirements.

  • Other tasks as assigned.

Skills, Experience, Education, Certifications

  • 8+ years of progressive IT governance, risk, compliance, or audit experience.

  • Minimum 4 years in a leadership role.

  • Direct, hands-on experience delivering IT evidence and remediation for ICFR/ITGC, PCI-DSS, NIST CSF, and Third-Party Risk Management programs.

  • Proven ability to work successfully with internal/external audit partners and vendors.

  • Professional certification required (one or more): CISA, CISM, CRISC, CISSP-ISSAP, PCIP, or equivalent.

  • Strong policy, process documentation, and risk register management skills.

  • Hands-on experience running a TPRM program and using vendor risk platforms.

Competencies

  • Mastery of ICFR/ITGC, PCI-DSS, NIST CSF 2.0, and TPRM

  • Policy and process documentation excellence

  • IT risk register and vendor risk lifecycle ownership

  • Audit coordination and evidence delivery

  • Cross-functional partnership (Finance, Security, Payments, Procurement, Legal)

  • Calm execution under tight audit and vendor review timelines

Compensation: 

The targeted salary range for this position is $125,000 - $135,000 annually. The final offer will be based on factors such as market location, relevant skills, experience and internal equity.

Ready to join the team?  

We’re looking for passionate people who bring strong skills and live our core values of safety, compassion, expertise, and efficiency every day. If you’re energized by doing meaningful work, taking pride in what you deliver, and making a real impact for pets, people, and communities, you’ll feel right at home here. Join us and build a career where purpose, care, and excellence come together - because love lives here™. 

Why work for us? 

 At Pet Valu, our people are at the heart of everything we do. We’re passionate about creating an environment where you feel supported, included, and empowered to grow - both personally and professionally. Some of the perks of working with us include:  

  • Hybrid, Flexible Work Options

  • Comprehensive health and dental benefits

  • Employee Share Purchase Plan with company matching

  • Learning and Development support tailored to you

  • An inclusive, collaborative culture where your voice matters

  • Fun company events that keep us connected

  • Preferred rates for car rentals, hotels, phone plans and gym discounts

  • Generous employee discounts on our products

Pet Valu is an equal opportunity employer committed to inclusion and accessibility. Accommodations are available upon request for candidates taking part in all aspects of the recruitment and selection process, in accordance with the Accessibility for Ontarians with Disabilities Act (AODA). 

At Pet Valu, we are committed to transparency and fairness in our hiring practices. This posting is for an existing vacancy. Pet Valu may use AI enabled technology to assist in the recruitment process for positions. The use of AI helps us ensure we are providing an equitable and streamlined recruitment experience for all applicants. While AI tools support our recruitment process, all decisions throughout the process are made exclusively by Pet Valu’s hiring team. At no stage does AI determine recruitment outcomes. 
