🤑 Base salary range: For this role, candidates located in Canada can expect a base salary range, described in the posting. Actual compensation is determined based on skills, experience, and role level. Exceptional candidates may be considered above the top of the range, and pay can increase quickly for those who make a big impact in the role.

🚀 Total compensation: In addition to base salary, permanent employees receive equity compensation. We use clear job levels and market-based salary bands to ensure compensation is fair and consistent across the company.

Build something people love

Wealthsimple's mission is to help everyone achieve financial freedom – by making financial services simple, transparent, and low-cost. We're Canada's largest fintech, trusted by over 3 million clients with more than $100 billion in assets. We move fast, we own our work, and we care deeply about the people using our products. If that sounds like you, keep reading.

We're proud of what we've built — and we're just getting started. Read our Culture Manual and learn more about how we work.

The Security GRC team plays a critical role in adhering to security frameworks and creating space for risk mitigation and oversight. We want to ensure that Wealthsimple maintains a secure operational environment by implementing and monitoring controls designed to protect information, systems and infrastructure.

We are looking to expand the Security GRC team with a Manager, Security Compliance to lead our SOX and ICFR compliance program. This role will be instrumental in ensuring Wealthsimple meets its regulatory obligations around internal controls over financial reporting while building a scalable compliance function.

You will focus on owning and maturing our SOX and ICFR compliance program and have the opportunity to expand your scope to oversee the broader compliance function, including SOC 1& 2, PCI DSS, and NIST frameworks and leading a team of specialists. You'll work closely with teams across Security, Finance, Legal, Product, and Engineering to ensure controls are designed, implemented, and operating effectively.

In this role, you'll have the opportunity to

• Own and manage the IT general controls (ITGCs) component of the ICFR compliance program while supporting the build out of the ITGCs & IT Application controls (ITAC) for the SOX program from the ground up, leveraging existing frameworks and controls where applicable

• Partner with Finance, IT, and business stakeholders to identify and document key controls over financial reporting, ensuring controls are designed and in place ahead of audit cycles

• Ensure ITGCs and ITACs supporting financial systems are properly documented and operating as intended

• Serve as the primary point of contact for external auditors, coordinating evidence requests, walkthroughs, and finding remediation

• Build and maintain a controls inventory with clear ownership, documentation standards, and readiness status

• Work cross-functionally with control owners to ensure gaps are identified early and remediation plans are in place before audit periods

• Develop and report on compliance readiness and control health to senior leadership

• Drive continuous improvement in the efficiency and effectiveness of the SOX Compliance system (AuditBoard) and related technologies

• Maintain current knowledge of emerging risks, industry trends, and regulatory changes relevant to the business and the audit profession

• Expand ownership to include SOC 1&2, PCI DSS, and NIST compliance programs, building a unified compliance function

• Lead a small team of compliance specialists, providing mentorship, prioritization, and ensuring alignment across the aforementioned compliance initiatives

What you'll bring

• 6-8 years of experience in IT audit, compliance, or security assurance, with deep expertise in SOX/ICFR compliance (preferably in financial services or fintech)

• Strong understanding of COSO framework, ITGCs, ITACs, and control design principles

• Experience working with external auditors on SOX engagements, particularly in a coordination or liaison capacity

• Proven ability to lead and manage a team, ensuring that audit deliverables are met efficiently and on time.

• Working knowledge of SOC, PCI DSS, and/or NIST frameworks is a strong asset

• Proven ability to manage multiple compliance workstreams and competing priorities

• Strong stakeholder management and communication skills with ability to influence across technical and non-technical teams

• Experience with GRC tools and control management platforms

• Self-directed professional who can build programs from the ground up and drive initiatives to completion

• Relevant certifications preferred (CISA, CISSP, CPA, CIA, or equivalent)

Why Wealthsimple?

🌸 Top-tier health benefits and life insurance

📈 Long-term group savings with employer match, through Wealthsimple for Business

🌴 20 vacation days, 4 wellness days, and unlimited sick and mental health days per year

✈️ 90 days away: work outside Canada for up to 90 days per year

👥 Employee resource groups, including Rainbow (2SLGBTQ), Women of WS, and Black at WS

🌎 We are a hybrid team with over 1,500 employees across North America. The people are one of the best parts of working here: you'll collaborate with incredibly talented, curious, and driven teammates who are deeply committed to doing great work.

ICYMI

Technology & Innovation at Wealthsimple: We move quickly and build thoughtfully. That means we're always looking for better ways to work — whether that's new tools, AI, or rethinking how we approach a problem. We don't expect you to have all the answers, but we do expect curiosity and a willingness to evolve alongside the products we're building.

Inclusion Statement: We're building products for a diverse world, and we need a diverse team to do it well. We strongly encourage applications from everyone, regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.

Accessibility Statement: We're committed to an accessible hiring experience. If you need any accommodations throughout the interview process, please let us know — we'll work with you to make sure you have what you need. We also welcome any feedback on how we can better accommodate candidates with accessibility needs.

AI in Hiring: We may use artificial intelligence (AI) tools to support parts of our hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our team but don't replace human judgment – all final hiring decisions are made by people. If you have questions about how your data is used, reach out to us.

Compensation Range: CA$166.4K - CA$208K