Director, Governance, Risk and Compliance

Simon Fraser University

Burnaby

Hybrid

CAD 142,000 - 185,000

Full time

24 days ago

Job summary

Simon Fraser University seeks a Director of Governance, Risk and Compliance responsible for overseeing the cybersecurity framework. This senior role involves developing strategies for risk management and compliance, ensuring alignment with legislative requirements, and fostering a culture of security awareness across the university.

Benefits

4 weeks’ vacation
Hybrid-work program
On-campus tuition waiver
Tuition reimbursements and professional development funds

Qualifications

  • 10 years of progressive experience in information security at a senior level.
  • Excellent knowledge of industry standards, regulations, and technologies.
  • Ability to translate technical risks into clear actionable strategies.

Responsibilities

  • Oversee cybersecurity governance, risk management, and compliance programs.
  • Develop and implement security procedures, standards, and guidelines.
  • Promote a culture of security awareness and shared responsibility.

Skills

Information Security Knowledge
Risk Management
Cybersecurity Practices
Privacy Laws Knowledge
Analytical Skills
Communication Skills

Education

Bachelor’s degree in Computer Science or related field
CISSP certification

Job description

Union / Affiliation : Administrative Professional Excluded Staff

Pay range : $142,552 to $184,473 annually

SFU Department Description : Information Security

Position Grade : 16

Number of openings : 1

Biweekly Hours : 72

Who We Are

Simon Fraser University is a leading research university, advancing an inclusive and sustainable future. Our purpose – the essence of SFU – is to create and connect knowledge, learning and community for deeper understanding and meaningful impact. We are committed to fostering excellence, innovation, belonging and community in all that we do.

The Director, Governance, Risk and Compliance (GRC) at Simon Fraser University is a senior leadership role responsible for shaping and overseeing the University’s cybersecurity governance, risk, and compliance framework. Reporting to the Chief Information Security Officer, the Director drives the development and execution of strategies that safeguard SFU’s digital assets, ensure compliance with privacy and security legislation, and align with institutional priorities and evolving threats. The role provides oversight for security policies, risk management, IT disaster recovery, incident response, training, and compliance programs, while fostering a culture of security awareness across the university. Additionally, the Director leads the GRC team, collaborates with internal and external stakeholders, and ensures SFU’s cybersecurity practices are aligned with frameworks such as NIST, PCI-DSS, and FIPPA.

About The Role

The Director, Governance, Risk and Compliance (GRC) provides strategic direction, planning and oversight for the University’s information security governance, risk management, and compliance program. Reporting to the Chief Information Security Officer (CISO), the Director is responsible for advancing the maturity of the University’s information security program by aligning GRC initiatives with institutional priorities and an evolving threat landscape. The role oversees all matters related to information security governance, risk and compliance including the development and implementation of University-wide information security procedures, standards, guidelines, controls, and processes; information security architecture; cybersecurity risk management and mitigation; IT disaster recovery planning and security incident response; security assessments; information security awareness training; and compliance with privacy and other legislative requirements. The Director plays a pivotal role in facilitating critical issue resolutions, ensuring the confidentiality, integrity, and availability of the University’s digital information and electronic systems, and embedding GRC within the broader information security strategy to maintain alignment with legislative and regulatory requirements. Working in close partnership with stakeholders across the University, the Director promotes a culture of security awareness and shared responsibility. The position also provides leadership to the GRC team, ensuring operational excellence, financial stewardship, and the ongoing development of team capabilities in support of University objectives.

Qualifications

Bachelor’s degree in Computer Science, Information Security, Computer Forensic & Cyber Crime Studies, or related field of study and Certified Information Systems Security Professional (CISSP) certification, and ten (10) years of progressive experience in information security at a senior technical or management level including information security planning, consultation and program development in a large, complex, multi-disciplinary enterprise environment, or the equivalent combination of education and experience.

  • Excellent knowledge of industry standards as they relate to information security, Payment Card Industry regulations, Canadian Privacy Laws with emphasis on BC's Freedom of Information and Protection of Privacy Act (FIPPA).
  • Excellent knowledge of information security technologies and practices in multiple domains of cybersecurity, and evaluating risks, vulnerabilities and issues as part of the project assessment.
  • Excellent knowledge of applications, systems, network and data security, telecommunications, security operations, and associated hardware, software and protocols.
  • Excellent analytical skills and ability to evaluate large quantities of information to formulate actionable strategies for improving the information security posture of the University.
  • Excellent written and verbal communication skills with the ability to translate technical risks, controls, vulnerabilities and issues into clear, actionable business language and to explain technical matters to non-technical audiences up to and including the Executive level.

What We Offer

At SFU, our goal is to ensure our people are valued and supported by promoting a healthy work-life balance, professional growth and development, as well as a safe and respectful workplace. We offer continuing employees who belong in the Administrative Professional Excluded Staff group (APEX) :

  • 4 weeks’ vacation (prorated for the first year)
  • Hybrid-work program for eligible positions
  • On-campus tuition waiver for employees and their immediate family members
  • Off-campus tuition reimbursements and professional development funds
  • And more!
  • Prorated for part-time employees

Additional Information

The pay range is the span between the minimum and maximum base salary for the position. The midpoint of the range is approximately halfway between the minimum and the maximum and represents an employee that possesses full job knowledge, qualifications and experience for the position. In the normal course, employees will be hired, transferred or promoted between the minimum and midpoint of the pay range.

Please include your cover letter and resume in one attachment.

SFU is an equity employer and strongly encourages applications from all qualified individuals including women, Indigenous Peoples, visible minorities, people of all sexual orientations and gender identities, persons with disabilities, and others who may contribute to the further diversification of the university.

We are committed to ensuring that the application and interview process is accessible to all applicants. If you require any assistance or accommodations, please contact pei_reception@sfu.ca.

Seniority level

Director

Employment type

Full-time

Job function

Finance

Higher Education
