21h ago

GRC Analyst

Calgary, Alberta, Canada

โœจ $75k-$100k / yearest.

full-timejunior Hybridsoftware

๐Ÿ›  Tech Stack

๐Ÿ’ผ About This Role

You'll support and grow Benevity's security governance, risk, privacy, and regulatory program. You'll contribute to compliance activities, risk assessments, and third-party risk management while building skills across governance, risk, audit, and privacy domains.

๐ŸŽฏ What You'll Do

  • Assist in maintaining security and privacy policies aligned to ISO 27001, SOC 2, NIST, PCI DSS, GDPR.
  • Support enterprise risk assessments, vendor reviews, and maintenance of the risk register.
  • Assist with audit readiness and evidence gathering for compliance frameworks.
  • Respond to client security questionnaires, RFPs, and third-party risk requests.

๐Ÿ“‹ Requirements

  • 2โ€“4 years of experience in cybersecurity or GRC (0โ€“2 years for junior candidates).
  • Working knowledge of ISO 27001, NIST, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC, or CCPA/CPRA.
  • Exposure to GRC tooling (e.g., OneTrust, Hyperproof, SecurityPal, AuditBoard, Drata).
  • Familiarity with risk assessment methodologies and compliance evidence gathering.

โœจ Nice to Have

  • Experience or willingness to support client due diligence processes (security questionnaires, RFPs, TPRM).
  • Interest in leveraging automation and AI to streamline GRC processes.
  • Certifications such as Security+, CISM, CISA, CRISC, or CIPM/CIPP.

๐ŸŽ Benefits & Perks

  • ๐ŸŒ Flexible hybrid work.
  • ๐Ÿ“ˆ Growth opportunities and career development.
  • ๐Ÿค Caring co-workers and supportive culture.
  • ๐Ÿ’ก Innovative work with purpose-driven tech.

๐Ÿ“จ Hiring Process

Estimated timeline: 2-4 weeks ยท AI estimate

  1. 1Recruiter Screenยท 30 min
  2. 2Technical Interviewยท 45 min
  3. 3Hiring Manager Interviewยท 45 min
0 0 0