Analyste principal.e sécurité GRC — Gestion des risques, TPRM & résilience

We're a certified B Corp organization providing a positive, transparent, and simplified mortgage financing experience. We're looking for a Senior Security Analyst GRC to implement modern compliance practices in a cloud environment.

Requirements

• 5-8 years of experience in technical security GRC, IT audit, internal audit, compliance security, or risk assurance
• Solid experience in managing audits and certifications (SOC 2, SOC 1, ISO 27001); ISO 27017/ISO 27018 experience is an asset
• Proven experience in setting up or evolving internal audit/controls capacity
• Experience with compliance automation tools (Vanta, Drata, Anecdotes, Tugboat Logic)
• Excellent ability to write and maintain policies, standards, and processes that teams can really apply
• Excellent organizational skills and attention to detail
• Ability to collaborate and ensure remediation closure with multiple teams
• Experience in scripting/automation (Python, PowerShell, Bash, APIs, SQL) is a significant asset
• English is required for writing and documentation. French spoken and read is a significant asset.

Benefits

• Competitive salary
• Stock option plan offered to all employees
• Generous vacation policy including 4 weeks of paid vacation per year
• Premium fully-paid employee benefits package including first-class insurance and unlimited access to telemedicine for you and your family from day one
• Annual health budget
• Accessible international work program
• 100% remote work (in Canada) or work from our stunning downtown Montreal office (Peel station). Dog-friendly office