12 days ago

Director, Governance, Risk & Compliance

Aritzia

On Site
Full Time
CA$200,000
Vancouver, BC

Job Overview

Job Title: Director, Governance, Risk & Compliance
Job Type: Full Time
Category: Commerce
Experience: 5 Years
Degree: Master
Offered Salary: CA$200,000
Location: Vancouver, BC


Job Description

Director, Governance, Risk & Compliance at Aritzia

The mission of the Cybersecurity Department at Aritzia is to deliver high-quality cybersecurity services and solutions that minimize risk across the company’s systems and data.

Aritzia is experiencing growth, and with it, the Governance, Risk & Compliance (GRC) team within our Cybersecurity Department is expanding. As the Director, Governance, Risk & Compliance, you will be at the forefront of delivering and continuously improving Aritzia’s GRC capabilities. This includes overseeing cybersecurity policies and standards, managing third-party risks, and developing robust compliance and control frameworks.

You will be responsible for defining the product strategy and roadmap for GRC services, driving the automation of control testing and evidence collection. Furthermore, you will collaborate closely with various internal partners, including Technology, Internal Audit, and Legal, to ensure all regulatory and policy requirements are met. Your role is crucial in ensuring the GRC program is pragmatic, measurable, and aligned with Aritzia’s enterprise risk appetite, thereby enabling teams to innovate rapidly while maintaining full compliance. With a strong focus on people, you will support your high-potential team members in building rewarding careers at Aritzia, while also enjoying significant professional growth yourself.

The Role

As the Director, Governance, Risk & Compliance, you will lead your team to:

  • Establish, operate, and continually enhance Aritzia’s enterprise GRC program.
  • Oversee the management of cybersecurity policies and standards, ensuring they align with industry frameworks such as NIST/ISO.
  • Maintain a unified control framework, ensuring disciplined ownership, regular testing cadences, effective issue management, and continuous monitoring.
  • Manage enterprise risk through methodology ownership, conducting assessments, monitoring Key Risk Indicators (KRIs), planning remediation, and coordinating cross-functional efforts.
  • Develop, maintain, and continuously mature the enterprise Incident Response program.
  • Ensure ongoing audit compliance by working closely with Internal Audit and external assessors.
  • Collaborate with Business Support partners to seamlessly lead the department's day-to-day functions in alignment with corporate objectives, fostering progressive career development and an exceptional employee experience.

The Qualifications

The ideal Director, Governance, Risk & Compliance candidate will possess proven, best-in-class skills, education, experience, and/or applicable certifications, including:

  • Deep knowledge of GRC frameworks such as NIST CSF, ISO 27001/27701, ITGCs/SOX, PCI DSS, and privacy regulations (e.g., PIPEDA/GDPR).
  • Hands-on experience with GRC platforms like ServiceNow IRM, Archer/RSA, or OneTrust, as well as ITSM, identity management, cloud environments, and integrations for automated evidence and continuous control monitoring.
  • Proficiency in scripting and automation.
  • Relevant certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer/Auditor, ITIL, and various privacy certifications.
  • A strong commitment to learning, applying, championing, and enriching Aritzia's Values and Business and People Leadership principles.
  • Excellent skills in strategic collaboration with cross-functional partners to achieve shared business outcomes.
  • The ability to set clear objectives and design inspiring strategies for the team.
  • A dedication to quality and a focus on investing in results and new business opportunities that deliver value.

The Compensation

The typical hiring range for this position is $150,000–$250,000 per year. The final agreed-upon salary may vary based on factors such as job-related knowledge, skills, and experience. We are always looking for top talent. If your qualifications differ from those listed above, the scope of work and final agreed-upon salary may be adjusted to reflect your individual qualifications. Aritzia’s Everyday Luxury compensation package extends beyond the base salary, offering endless growth and recognition opportunities through our pay-for-performance philosophy. With comprehensive benefits, aspirational workspaces, and elevated employee perks and experiences — we provide it all.

The Perks

Some of the industry-leading benefits you will receive working at Aritzia include:

  • Product Discount: Enjoy our famous product discount and exclusive private shopping events.
  • A-OK Commissary & Cafe: Experience Everyday Luxury dining at our in-house bistro and cafe, a private oasis where employees can enjoy curated, subsidized meals.
  • The SET: Access our in-office fitness studio and gym, featuring state-of-the-art equipment, custom-created classes, and optional personal training. Open 7 days a week for your convenience.
  • Aritzia Virtual Wellness: We provide 24/7 resources to support your wellbeing goals—physical, mental, social, or financial—because your health, happiness, and safety are important.
  • Aspirational Workplace: Our offices are specifically designed to foster creativity, productivity, and inspiration. They are also dog friendly.
  • Amenities: Additional amenities include a private parent’s room, shower facilities with elevated complimentary conveniences, bike rooms, and more.
  • The Extras: We also offer a multitude of other perks such as dry-cleaning services, hotel and restaurant discounts, self-care promotions, and on-site medical care.

Key skills/competency

  • Cybersecurity Leadership
  • Risk Management
  • Compliance Frameworks (NIST CSF, ISO 27001)
  • Third-Party Risk Management
  • Incident Response Program Development
  • GRC Platform Experience (ServiceNow IRM)
  • ITGCs/SOX Compliance
  • Data Privacy Regulations (PIPEDA/GDPR)
  • Automation and Scripting
  • Strategic Cross-Functional Collaboration

Tags:

Director, Governance, Risk & Compliance
cybersecurity
compliance
risk management
GRC
policy development
audit management
incident response
third-party risk
control frameworks
leadership
NIST CSF
ISO 27001
SOX
PCI DSS
GDPR
ServiceNow IRM
Archer
OneTrust
ITSM
cloud security


How to Get Hired at Aritzia

  • Research Aritzia's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
  • Tailor your resume strategically: Highlight GRC leadership experience, specific framework expertise (NIST CSF, ISO 27001), and GRC platform proficiency.
  • Quantify your impact: Showcase achievements in reducing risk, automating compliance processes, or maturing GRC programs.
  • Prepare for GRC-specific interviews: Demonstrate deep understanding of regulatory landscapes, risk methodologies, and incident response best practices.
  • Network within Aritzia: Connect with current employees on LinkedIn to gain insights into the company and team dynamics.
