Role Description: The Senior Governance, Risk and Compliance Manager oversees and facilitates information security audits, ensuring audit readiness, comprehensive documentation, and clear communication of findings to customers. This role involves identifying risks and making strategic recommendations to maintain high standards of security and compliance for our clients.

Key Responsibilities & Performance Expectations:
Lead and manage compliance audits such as SOC2 and ISO 27001, with a focus on preparing, organizing, and maintaining detailed documentation to support audit readiness and ensure seamless compliance processes.
Build and maintain strong, trust-based relationships with clients by providing clear, proactive communication and responsive support at every stage of the engagement. Ensure timely execution of audit plans and support pre-audit assessments, evidence gathering, and validation of resolved issues. Actively participate in executing tasks, with a "roll up the sleeves" attitude. Take ownership of tasks, ensuring accountability and timely completion.
Make senior-level compliance decisions to address complex issues. Assess client needs, gather requirements, and make informed recommendations. Respond promptly and accurately to RFPs and vendor security questionnaires, delivering timely, high-quality submissions demonstrating our commitment to security and compliance. Write and review compliance policies, frameworks, and SOPs with clarity.
Engage and communicate effectively with internal and external stakeholders, including senior management, clients, and external auditors. Analyze and interpret regulatory changes and implement necessary procedural updates to ensure ongoing compliance. Provide customized compliance training and guidance to internal teams, ensuring alignment with each client's unique policies and regulatory requirements by assessing, adapting, and applying solutions that go beyond standard templates.
Proactively seek ways to streamline audit processes, enhance efficiency, and minimize redundancies. Maintain high levels of organization while managing multiple complex projects, ensuring alignment with internal processes. Utilize compliance software tools for evidence tracking and reporting.

You'll likely be a good fit for this role if you have:
3-5 years of experience managing compliance audits, including SOC2, ISO 27001, or similar standards, with a strong understanding of audit readiness and documentation management. Prior experience working with US-based clients and familiarity with industry-specific regulatory standards. Strong knowledge of cloud-based technologies, software development lifecycles and familiarity with compliance software tools for evidence tracking and reporting.
Advanced proficiency in Excel or Google Sheets for data tracking, audit management, and evidence organization. Demonstrated experience building trust-based client relationships through proactive and responsive communication, with a proven track record of handling RFPs, vendor security assessments, and information security (infosec) questionnaires, ensuring solutions are tailored to align with client-specific policies and IT General Controls (ITGC).
Strong project management skills with the ability to organize tasks, follow up, and ensure timely completion of deliverables. Proven ability to build trust-based client relationships through proactive, responsive communication and tailored solutions aligned with client-specific policies. High attention to detail and organizational skills to manage multiple complex projects, streamline audit processes, and ensure alignment with internal protocols. Strong strategic problem-solving and decision-making abilities for identifying security risks, assessing client needs, and making informed compliance recommendations. Demonstrated success in driving strategic initiatives that enhance organizational security, resilience, and a culture of continuous improvement.
Bachelor's degree in business, operations, computer science, accounting, technology, or equivalent experience. Experience working with startups, with an adaptable approach to tailoring solutions to each client's unique environment and requirements. Native or fluent in English, with excellent reading, writing, and speaking skills to facilitate clear communication with clients and internal stakeholders.

Location & Work Setup: This is a hybrid role based in Vancouver, BC. Candidates must be located in Vancouver and able to work from home with a reliable and quiet setup.

About Us: Monachus Solutions is a US and Canada-based consulting firm dedicated to empowering businesses to focus on growth and innovation. We simplify the complexities of operations, streamline processes, and oversee cybersecurity compliance, allowing clients to stay focused on their core mission. With a team that's flexible, detail-oriented, and deeply collaborative, we deliver tailored solutions that drive real impact.
At Monachus, we bring curiosity, accountability, and a commitment to exceptional service, ensuring each client receives the highest level of support.

Our core services include:
Governance, Risk & Compliance (GRC) Support for frameworks including SOC1, SOC2, ISO/IEC 27001, ISO/IEC 42001, and others.
Business Process Optimization
Fractional Support: Compliance and Risk, Operations and Project Management
Custom Solutions & Automations across different platforms
Marketing Analytics Report Automation

Salary: $100,000-$150,000 CAD