Security GRC Specialist

About The Position

Requirements

• Bachelor's Degree in Information Security, Computer Science, Business, Risk Management or a related field
• 5-8 years of experience in IT risk, cybersecurity risk, audit, compliance or equivalent roles
• Working knowledge of IT governance frameworks and standards (e.g., NIST CSF, ISO 27001, ITIL)
• Familiarity with regulatory and compliance requirements
• Experience with GRC platforms and tools
• Ability to work in a fast-paced environment and stay updated on emerging threats and vulnerabilities
• Proactiveness, natural curiosity, a willingness to learn, adaptability in an evolving environment, and a strong problem-solving mindset
• Ability to work across multiple business units and collaborate across teams
• Fluent communication skills in English are required

Nice To Haves

• Relevant certifications such as CRISC, CISA, CISSP are an asset
• bilingual skills in French are an asset

Responsibilities

• Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks
• Track and Manage mitigation plans and ensure timely resolution
• Support the development and maintenance of cybersecurity risk register KPI monitoring and reporting
• Assist in development, review and maintenance of Technology & Cybersecurity Policies, Standards, and procedures
• Ensure alignment of internal policies with industry frameworks (NIST, ISO, COBIT)
• Support audits and board level reporting including preparing key metrics
• Monitor compliance with external regulatory and internal control requirements
• Support internal and external audits
• Conduct periodic control testing including design and operating effectiveness
• Support vendor risk assessments, including reviewing response to questionnaire
• Maintain and enhance governance process through GRC tools (e.g., Archer, ServiceNow GRC, Resolver etc.)
• Support reporting, dashboard creation and automation of risk and compliance processes

Benefits

• Competitive compensation package that rewards and recognizes individual contributions
• Excellent health, dental and insurance benefits to meet the diverse needs of our employees
• Generous vacation time
• fitness benefit
• parental leave top-up options
• Matching contributions to our retirement program
• Commitment to the continuous improvement of our staff through learning & development and an education assistance program
• Regular social events to foster teamwork