Senior Manager, Infosec, IT & Compliance
Top Benefits
About the role
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Manager, Infosec, IT & Compliance based in Canada.
This is a strategic leadership opportunity for an information security and compliance professional to strengthen security, privacy, and IT operations within a growing healthcare technology environment. In this role, you will oversee three critical areas: information security, IT operations, and regulatory compliance, ensuring systems and processes support business growth while protecting sensitive data. You will work closely with Engineering, Product, Legal, and business teams to translate complex regulations into practical solutions. This position offers the chance to build scalable programs, improve security maturity, and shape how a remote-first organization manages risk. Ideal for a hands-on leader, this role combines technical expertise, operational ownership, and strong cross-functional influence.
Accountabilities
Lead and evolve information security, IT operations, and compliance programs to support business growth and maintain strong protection of sensitive health and personal data. Manage compliance initiatives across multiple regulatory frameworks, including HIPAA/HITECH, GDPR/UK GDPR, PIPEDA, Quebec Law 25, PHIPA, and emerging privacy requirements. Own vendor risk management processes, including the negotiation and lifecycle management of Business Associate Agreements (BAAs) and Data Processing Agreements (DPAs). Partner with Engineering and Product teams to embed privacy-by-design principles, improve security controls, and reduce compliance risks across product development. Drive security maturity initiatives, including SOC 2 Type II and ISO 27001 readiness, incident response planning, breach notification workflows, and operational resilience improvements. Oversee IT operations, including employee onboarding and offboarding, device management, identity and access management, and remote workforce support. Develop and maintain IAM strategies, including least-privilege access controls, role-based access management, access reviews, and identity provider administration. Manage endpoint security standards, SaaS vendor governance, tooling optimization, and technology procurement processes. Build and improve security, IT, and compliance processes, documentation, and operational frameworks to support organizational scale. Lead and mentor IT operations resources while partnering with external compliance advisors and internal stakeholders. Act as a strategic bridge between Legal, Engineering, IT, Customer Success, and leadership teams by translating regulatory requirements into actionable business and technical solutions.
Requirements
6+ years of experience in information security, IT operations, privacy, and compliance roles, including at least 2+ years in healthcare SaaS or another regulated industry. Strong expertise in healthcare compliance frameworks such as HIPAA/HITECH, including Business Associate responsibilities, breach notification requirements, and PHI protection practices. Solid understanding of GDPR/UK GDPR, cross-border data transfers, and global privacy regulations. Proven experience negotiating and managing vendor agreements, including BAAs and DPAs. Experience implementing and maintaining security frameworks such as SOC 2, ISO 27001, or equivalent standards, including audit preparation and third-party assessments. Hands-on experience managing IT operations in remote-first organizations, including identity management, device provisioning, endpoint security, and SaaS administration. Technical understanding of SaaS architecture, APIs, cloud environments such as AWS, and identity platforms including Google Workspace, Okta, or Microsoft 365. Experience building or scaling security, IT, and compliance functions within high-growth technology companies. Strong communication skills with the ability to explain technical and regulatory concepts to both technical teams and executive stakeholders. Practical risk management mindset with strong judgment around escalation, prioritization, and business impact. Comfortable operating in a fast-moving environment with evolving priorities and a high degree of ownership. Professional certifications such as CIPP/US, CIPP/E, CIPM, CISSP, CISM, or equivalent are considered an asset. Experience with Canadian privacy regulations, compliance automation tools such as Vanta, Drata, or Secureframe, and IT service management platforms is a plus.
Benefits
Competitive base salary range of CAD $165,000-$180,000 per year, depending on experience, skills, location, and qualifications. Fully remote-first work environment within Canada. Comprehensive health, dental, and vision coverage from day one. Employer-matched RRSP program. Generous paid parental leave. Unlimited vacation policy built around trust and flexibility. Annual Health & Wellness Allowance of $750. Annual Learning & Development Allowance of $1,000. Annual Home Office Allowance of $500. Access to confidential digital mental health support. Family-building and fertility support resources. Company-wide holiday closure in December. Regular virtual events, team gatherings, and opportunities for in-person collaboration. Opportunity to make a meaningful impact within a mission-driven technology organization focused on improving healthcare outcomes.
How Jobgether Works
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Why Apply Through Jobgether?
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Not the right fit? Search for Manager, Infosec, IT & Compliance jobs in Canada
About Jobgether
Your future of work, like you've always dreamt it, is now possible with Jobgether !
The Covid crisis has accelerated its revolution but work, as we knew it, doesn't exist anymore. Tomorrow, jobs will be hybrid, remote and asynchronous. Flexibility will be the norm.
Jobgether helps you find your next remote job, wherever you are.
Similar Jobs
Senior Manager, Infosec, IT & Compliance
Top Benefits
About the role
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Manager, Infosec, IT & Compliance based in Canada.
This is a strategic leadership opportunity for an information security and compliance professional to strengthen security, privacy, and IT operations within a growing healthcare technology environment. In this role, you will oversee three critical areas: information security, IT operations, and regulatory compliance, ensuring systems and processes support business growth while protecting sensitive data. You will work closely with Engineering, Product, Legal, and business teams to translate complex regulations into practical solutions. This position offers the chance to build scalable programs, improve security maturity, and shape how a remote-first organization manages risk. Ideal for a hands-on leader, this role combines technical expertise, operational ownership, and strong cross-functional influence.
Accountabilities
Lead and evolve information security, IT operations, and compliance programs to support business growth and maintain strong protection of sensitive health and personal data. Manage compliance initiatives across multiple regulatory frameworks, including HIPAA/HITECH, GDPR/UK GDPR, PIPEDA, Quebec Law 25, PHIPA, and emerging privacy requirements. Own vendor risk management processes, including the negotiation and lifecycle management of Business Associate Agreements (BAAs) and Data Processing Agreements (DPAs). Partner with Engineering and Product teams to embed privacy-by-design principles, improve security controls, and reduce compliance risks across product development. Drive security maturity initiatives, including SOC 2 Type II and ISO 27001 readiness, incident response planning, breach notification workflows, and operational resilience improvements. Oversee IT operations, including employee onboarding and offboarding, device management, identity and access management, and remote workforce support. Develop and maintain IAM strategies, including least-privilege access controls, role-based access management, access reviews, and identity provider administration. Manage endpoint security standards, SaaS vendor governance, tooling optimization, and technology procurement processes. Build and improve security, IT, and compliance processes, documentation, and operational frameworks to support organizational scale. Lead and mentor IT operations resources while partnering with external compliance advisors and internal stakeholders. Act as a strategic bridge between Legal, Engineering, IT, Customer Success, and leadership teams by translating regulatory requirements into actionable business and technical solutions.
Requirements
6+ years of experience in information security, IT operations, privacy, and compliance roles, including at least 2+ years in healthcare SaaS or another regulated industry. Strong expertise in healthcare compliance frameworks such as HIPAA/HITECH, including Business Associate responsibilities, breach notification requirements, and PHI protection practices. Solid understanding of GDPR/UK GDPR, cross-border data transfers, and global privacy regulations. Proven experience negotiating and managing vendor agreements, including BAAs and DPAs. Experience implementing and maintaining security frameworks such as SOC 2, ISO 27001, or equivalent standards, including audit preparation and third-party assessments. Hands-on experience managing IT operations in remote-first organizations, including identity management, device provisioning, endpoint security, and SaaS administration. Technical understanding of SaaS architecture, APIs, cloud environments such as AWS, and identity platforms including Google Workspace, Okta, or Microsoft 365. Experience building or scaling security, IT, and compliance functions within high-growth technology companies. Strong communication skills with the ability to explain technical and regulatory concepts to both technical teams and executive stakeholders. Practical risk management mindset with strong judgment around escalation, prioritization, and business impact. Comfortable operating in a fast-moving environment with evolving priorities and a high degree of ownership. Professional certifications such as CIPP/US, CIPP/E, CIPM, CISSP, CISM, or equivalent are considered an asset. Experience with Canadian privacy regulations, compliance automation tools such as Vanta, Drata, or Secureframe, and IT service management platforms is a plus.
Benefits
Competitive base salary range of CAD $165,000-$180,000 per year, depending on experience, skills, location, and qualifications. Fully remote-first work environment within Canada. Comprehensive health, dental, and vision coverage from day one. Employer-matched RRSP program. Generous paid parental leave. Unlimited vacation policy built around trust and flexibility. Annual Health & Wellness Allowance of $750. Annual Learning & Development Allowance of $1,000. Annual Home Office Allowance of $500. Access to confidential digital mental health support. Family-building and fertility support resources. Company-wide holiday closure in December. Regular virtual events, team gatherings, and opportunities for in-person collaboration. Opportunity to make a meaningful impact within a mission-driven technology organization focused on improving healthcare outcomes.
How Jobgether Works
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Why Apply Through Jobgether?
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Not the right fit? Search for Manager, Infosec, IT & Compliance jobs in Canada
About Jobgether
Your future of work, like you've always dreamt it, is now possible with Jobgether !
The Covid crisis has accelerated its revolution but work, as we knew it, doesn't exist anymore. Tomorrow, jobs will be hybrid, remote and asynchronous. Flexibility will be the norm.
Jobgether helps you find your next remote job, wherever you are.