Information Services Governance and Compliance Specialist

Posting closes: May 21, 2025

Employment Status: Permanent, Full-time (37.5 hours per week)

Additional Information: We welcome applications from all Canadian residents. However, preference will be given to candidates residing in Alberta. Please note that this position requires attendance at monthly in-person team meetings.

Servus is growing! We are currently looking for a Information Services Governance & Compliance Specialist within our Information Services department in Edmonton, Alberta.

Servus Credit Union is Alberta's largest member-owned credit union, known for building strong, resilient communities by helping our members feel good about their money. One of Canada's Best Managed Companies for 20 consecutive years and ranked as one of the top banks in Canada on Forbes World's Best Banks list for two years in a row, we are a team of smart, gutsy, and driven individuals.

IS Governance and Compliance Specialist, under the direction of the Lead, GRC will design, develop and maintain a corporate program to manage and respond to audit requests and exercises (IT/IS/Security controls). These will include, but not be limited to, internal audit assessments, annual financial statement audit and regulator and industry audits.

Additionally, this position will collaborate with Leader of Cards in regard to PCI-DSS compliance, is being produced and delivered to ensure Servus' good standing with the PCI-DSS. This will include internal controls as well as validation and verification of controls for external partners and providers.

The scope of your responsibilities will include, but are not limited to:

Governance Program

• Scope, develop and implement IT governance framework across the organization.
• Manage effectiveness of audit responses and drive any remediation required. Perform root cause analysis and implement continuous improvement process opportunities. (only leave this in if no ‘Interim Lead' role is filled.
• Ensure IT Security projects align with the business strategy and objectives
• Identify risks and implement/recommend risk mitigation strategies
• Develop, monitor and report on security performance metrics
• Develop and implement IT policies and procedures that promote cost-effective, secure operations
• Provide guidance on IT risk management, including disaster recovery planning
  
  

Regulatory Compliance

• Manage operational effectiveness of security controls within the compliance frameworks and drive any remediation required. Perform root cause analysis and implement continuous improvement process opportunities
• Develop metrics to report on compliance performance
• Have an in-depth knowledge of current and changing trends of Regulatory environment
• Stay informed of and be compliant with all applicable provincial and federal laws and regulations. Be knowledgeable of current trends in the financial industry
• Provide feedback and escalate issues related to current compliance framework and security controls within it.
• Seek efficiencies while maintaining regulatory requirements
• Monitor, process and lead any work required for changes to the current and future compliance frameworks
• Work closely with internal stakeholders such as AML, Privacy, and Payments to ensure the security controls are identified and monitored by the appropriate stakeholders
  
  

Business Processes

• Apply subject matter expertise to the prioritization and planning in conjunction with Audit and Compliance policies and strategies
• Ensure Lead, GRC is informed of all relative developments and information
• Ensure guidelines for third party providers are adhered to
• Provide reporting/analysis as requested to Director Payments regarding all aspects of PCI-DSS compliance
  
  

Teamwork

• Ability to work in a busy, ever-changing environment
• Maintain a responsive and respectful relationship with other departments
• Build and sustain excellent working relationships at all levels of the organization
• Contribute positively to department morale and a cohesive work environment
• Work collaboratively to accomplish common goals
• Flexible, versatile, and dependable
  
  
  

Requirements

• Minimum of 5-7 years in Information Security and Risk roles
• Desired certification of Certified Systems Security Professional (CISSP)
• Experience with frameworks and standards such as NIST Cybersecurity Framework, OSFI B13, COBIT, and ITIL
• Strong knowledge of regulatory requirements and how they apply to the information security and risk
• Strong analytical, problem-solving skills
• Ability to work effectively with internal and external partners
• Self-motivated and able to establish structure and approach to complete individual work assignments with minimal day-to-day supervision
  
  
  

The folllowing certifications are desirable:

• Certified Information Security Manager (CISM)
• Certified Information Security Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
  
  
  

Education and Training:

• The position requires a minimum completion of an undergraduate business program and progress within a post-secondary accounting or financial analysis professional program
  
  
  

Benefits

Working for Servus has outstanding benefits. In addition to standard benefits like health and wellness, vacation and retirement savings programs, we also provide other important benefits such as:

• Training & Development Opportunities
• Career Advancement Potential
• Flexible work options
• Competitive Compensation including performance-based incentive pay
• Meaningful work towards individual and corporate goals
• Opportunities to get involved and give back through an employee volunteer program
  
  
  

For Information About These Benefits And More, Click Here.

At Servus, our employees are also members. This means you'll have all the benefits of being a member of the credit union including profit sharing, voting for the board of directors, and all of the services we provide ... with a few additional perks!

What happens next?

Only those applicants selected for an interview will be contacted. Should you require any accommodations during the hiring process, please advise us at that time.

Discover a sense of belonging amongst a team of unique, authentic individuals working together to reimagine financial fitness. We value and celebrate the richness that diverse backgrounds and experiences bring to our community. Your skills, passion, and curiosity may find a sense of belonging at Servus, so even if you don't check every box we encourage you to apply!

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology
• Industries
  IT Services and IT Consulting

Referrals increase your chances of interviewing at Servus Credit Union by 2x

Greater Calgary Metropolitan Area 3 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.