Risk and Compliance Team Lead

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Risk and Compliance Team Lead based in Canada.

This is a pivotal leadership role responsible for strengthening how risk, privacy, and compliance are managed within a fast-growing SaaS environment. You will lead a small but high-impact team while building the frameworks, processes, and controls that protect sensitive client data and ensure regulatory alignment. The role sits at the intersection of security, compliance, and operations, requiring both strategic oversight and hands-on execution. You will work closely with engineering, support, and leadership teams to identify risks, close gaps, and continuously improve system resilience. As the organization scales, you will play a key role in shaping governance structures that support trust, transparency, and operational maturity. This is an opportunity to influence how compliance is embedded into product and engineering practices while maintaining a strong focus on execution and accountability. The environment values ownership, curiosity, and the ability to build scalable systems from the ground up.

Accountabilities:

• Lead the risk and compliance function by setting direction, priorities, and structure to ensure effective execution of all related initiatives.
• Identify, assess, and mitigate operational, technical, and data privacy risks in collaboration with cross-functional teams.
• Build, maintain, and continuously improve compliance frameworks, policies, and processes aligned with regulatory requirements such as PIPEDA, GDPR, COPPA, SOC 2, and PCI DSS.
• Oversee and support security and compliance audits, including coordination of third-party assessments and internal evaluations.
• Manage incident response activities, including investigation, documentation, communication, and remediation efforts.
• Collaborate with engineering, product, and operational teams to strengthen security controls and ensure compliance is embedded into workflows.
• Prepare and deliver clear reporting on risk posture, compliance status, and audit outcomes to internal and external stakeholders.
• Lead training and awareness initiatives to build a strong culture of security, privacy, and compliance across the organization.
• Provide leadership, mentorship, and development support to team members while fostering accountability and high performance.
• Act as a key point of contact for clients, auditors, and vendors regarding security and compliance requirements.

Requirements:

• 6+ years of experience in privacy, cybersecurity, compliance, or risk management roles within a technical or SaaS environment.
• Proven experience leading a team or functional area, with responsibility for coaching, prioritization, and performance management.
• Strong understanding of Canadian privacy laws and international data protection regulations (e.g., PIPEDA, GDPR).
• Experience with security and compliance frameworks such as SOC 2, PCI DSS, and related audit processes.
• Ability to operate in both strategic and hands-on capacities, balancing leadership with direct execution.
• Strong analytical and problem-solving skills with the ability to assess and improve complex systems and processes.
• Excellent communication and stakeholder management skills, including the ability to present to technical and non-technical audiences.
• Experience working across engineering, product, and operations teams to drive alignment and implementation.
• Familiarity with IT systems, Microsoft 365, and modern SaaS environments is an asset.
• Relevant certifications such as CIPP/C, CIPM, PMP, or cybersecurity credentials are considered a strong advantage.

Benefits:

• Competitive salary range of $100,000–$120,000 per year, based on experience.
• Employee Stock Ownership Plan (ESOP) offering long-term equity participation.
• Comprehensive health benefits including medical, dental, and vision coverage.
• Life insurance, disability insurance, and health spending account.
• Flexible working hours supporting work-life balance.
• On-the-job training and professional development opportunities.
• Collaborative, high-ownership culture with real autonomy and impact.
• Free on-site parking for employees based at office locations.

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1