Responsibilities

• Design and execute compliance testing protocols to validate key and non-key controls across assigned functional areas.
• Maintain regulatory evidence catalogs (OSFI guidance, insider threat frameworks, vendor risk standards) through periodic collection and organization.
• Monitor functional teams' adherence to Corporate Security Management policies and identify gaps between policy requirements and operational practice.
• Document control testing results and observations in audit‑ready formats; elevate exceptions and control gaps to GRC leadership.
• Track remediation progress on identified compliance gaps and validate closure.
• Prepare compliance status reports for internal audit, external regulators, and GRC leadership.
• Partner with Physical Security, Employee Protection, and Insider Risk leaders to clarify control design and obtain supporting evidence.
• Advise on control framework matur...