Compliance

• Implementing and maintaining GRC policies, procedures, and controls aligned with ISO/IEC 27001:2022, NIST, and other relevant standards.
• Conducting risk assessments across business units, IT systems, and third-party vendors.
• Tracking and reporting on risk mitigation plans and residual risk.
• Monitoring regulatory changes (e.g., PIPEDA, GDPR, Quebec Law 25) and ensuring timely updates to internal controls and documentation.
• Coordinating internal and external audits, including evidence collection, control testing, and remediation tracking.
• Preparing dashboards and reports on risk posture, compliance status, and control effectiveness for review by the GRC Manager and senior leadership.
• Developing and delivering GRC-related training and awareness sessions to promote a culture of compliance and risk ownership.
• Capturing and documenting risks for inclusion in the enterprise risk register, ensuring traceability and accountability.
• Administering GRC platforms (e.g., Archer, ServiceNow GRC) and contributing to automation of workflows and reporting.
• Identifying opportunities to enhance risk management processes and drive a culture of security and compliance across the organization.
• Advising senior leadership on emerging risks, regulatory trends, and best practices.
• Influencing and building consensus among diverse stakeholders, including both technical and non-technical teams.

Senior GRC Analyst

Senior Manager – Operations Regulatory Risk

Trade Compliance Officer

Assistant Branch Manager, Compliance

Compliance & Risk Intern, Winter 2026

Senior Sales Compliance Analyst