Our Team
Passionate experts dedicated to your GRC program
The CapGRC team brings together experts in governance, cybersecurity, regulatory compliance, and SaaS development. Together, we design the GRC platform best suited for Canadian organizations.
Director of GRC Strategy & Compliance
Co-founder — Strategic and regulatory cornerstone of CapGRC
With over 15 years of governance experience, our strategy director has guided dozens of Quebec organizations in structuring their compliance programs. She is the primary architect of the regulatory content embedded in CapGRC.
Key Missions
- Define the product vision and strategic alignment with Canadian regulatory frameworks
- Monitor regulatory changes (Law 25, ISO 27001, PIPEDA, DORA)
- Guide clients during onboarding to define their GRC program
- Speak at webinars and partner events as a subject matter expert
Certification: CISA and CRISC certified, and an accredited third-party ISO 27001 lead auditor.
Chief Technology Officer (CTO)
Architect of the CapGRC SaaS platform
A specialist in multi-tenant SaaS platforms, our CTO designed the resilient, secure, and bilingual infrastructure that powers CapGRC. He ensures platform availability and continuous integration.
Key Missions
- Oversee the technical architecture: Next.js, TypeScript, sovereign Canadian hosting
- Build and maintain the CI/CD pipeline
- Design and document public APIs for third-party integrations
- Ensure platform scalability and incident management
Certification: Responsible for technical compliance with Law 25 Canadian hosting requirements.
Chief Product Officer (CPO)
Head of user experience and product roadmap
Our CPO combines deep UX expertise with a thorough understanding of GRC professionals' needs. She leads the roadmap to ensure every feature addresses real needs of CISOs, auditors, and compliance officers.
Key Missions
- Manage the product roadmap and development sprints
- Conduct user interviews, usability tests, and co-design workshops
- Design wireframes and prototypes for new features
- Ensure consistency of the bilingual FR/EN experience
Compliance & Training Expert
Head of client support and training
A former CISO in the Quebec public sector, our compliance expert understands the operational realities of GRC teams. He designs and delivers the training, guides, and webinars available on the platform.
Key Missions
- Lead structured client onboarding sessions (configuration and framework setup)
- Create educational content: guides, tutorials, and thematic webinars
- Support clients in implementing their Law 25 and ISO 27001 programs
- Maintain the resource library (templates, checklists, models)
Certification: Hosts monthly CapGRC webinars and represents the company at industry events.
Offensive Security & Cloud Expert
Head of security testing and CapGRC defensive posture
Our security expert thinks like an attacker to better protect the platform and clients. He performs internal penetration tests, monitors the cloud security posture, and contributes to the security frameworks in CapGRC.
Key Missions
- Perform regular penetration tests on the CapGRC platform
- Assess and harden the Canadian cloud infrastructure
- Feed CapRISK with up-to-date threat and vulnerability scenarios
- Monitor CVEs and emerging threats affecting CapGRC clients
Certification: OSCP and AWS Security Specialty certified.
Regulatory Expert — Financial Sector
Specialist in financial frameworks and sectoral compliance
With 12 years of banking compliance experience, our regulatory expert contributed to the design of the PCI-DSS 4.0 and OSFI frameworks pre-configured in CapGRC. She supports clients in banking, insurance, and fintech.
Key Missions
- Maintain and enrich the PCI-DSS 4.0, OSFI, and DORA frameworks in CapGRC
- Support financial sector clients in their compliance journey
- Participate in demos for banking and insurance prospects
- Write practical guides on financial regulatory topics
Certification: Former certified PCI-QSA auditor. Listed as an expert by the Canadian Bankers Association.
