CrawlJobs Logo

Grc Analyst

Canada, Ottawa 100000.00 - 120000.00 CAD / Year · Job Posted February 17, 2026
Apply Position
Job Link Share

Job Description

Fullscript is currently looking for a GRC Analyst (Risk) to join our growing Security team and help establish and scale foundational risk management practices across the organization. The Security team is responsible for product security, governance, risk, compliance, as well as security operations and incident response. This role is critical to evolving Fullscript’s risk management approach from an ad hoc, reactive model to a structured, proactive, and measurable enterprise risk program. You will work closely with teams across Fullscript to identify, assess, and track security and operational risks, while providing leadership with clear visibility into the company’s risk posture.

Job Responsibility

  • Identify, document, and assess security and operational risks across business units
  • Maintain a comprehensive and up-to-date enterprise risk register
  • Apply a consistent methodology for evaluating risk likelihood, impact, ownership, and treatment
  • Partner with risk owners to ensure risks are clearly articulated and appropriately managed
  • Ensure risk acceptance, mitigation, and transfer decisions are documented, traceable, and aligned with Fullscript’s risk appetite
  • Track remediation efforts and follow up with stakeholders to ensure timely risk reduction
  • Produce clear, data-driven risk reporting and dashboards to support leadership and executive decision-making
  • Support and manage Fullscript’s third-party risk management program
  • Conduct risk assessments for vendors and partners, including onboarding and periodic reviews
  • Collaborate with Procurement, Legal, Security, and Engineering to ensure third-party risks are identified and addressed
  • Partner with Security, Engineering, IT, Legal, Compliance, and business teams to surface emerging risks
  • Act as a trusted partner and advisor on risk-related questions across the organization
  • Help drive clarity around risk ownership and accountability
  • Help define, document, and refine risk management processes, standards, and procedures
  • Contribute to policies and controls that support effective risk governance
  • Support audit, compliance, and regulatory activities by providing risk context and evidence

Requirements

  • Experience in governance, risk management, compliance, security operations, IT risk, or a related field
  • Understanding of security and operational risk concepts and common risk management frameworks
  • Ability to assess technical and non-technical risks and translate them into business impact
  • Strong analytical and problem-solving skills, with the ability to identify patterns and trends in risk data
  • Experience creating clear documentation, reports, and dashboards for technical and non-technical audiences
  • Strong verbal and written communication skills
  • Ability to work cross-functionally and influence without direct authority
  • Willingness to ask questions, seek feedback, and continuously improve processes
  • Comfortable operating in a growing, evolving environment where programs are being built and scaled
  • Strong situational awareness and judgment when evaluating risk trade-offs
  • Ability to support and influence risk decisions with data and context

Nice to have

  • Experience with third-party risk management programs
  • Familiarity with frameworks such as NIST, ISO 27001, SOC 2, CIS, or HITRUST
  • Experience supporting audits or executive and board-level risk reporting
  • Background in security operations, compliance, or incident response

What we offer

  • Generous PTO and competitive pay
  • Fullscript’s RRSP match program for financial health
  • Flexible benefits package and workplace wellness program
  • Training budget and company-wide learning initiatives
  • Discount on Fullscript catalog of products
  • Ability to work Wherever You Work Well

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Grc Analyst

8 matching positions

Grc Analyst

We are seeking a detail-oriented GRC (Governance, Risk, and Compliance) Analyst ...
Location
Location
United States , Austin
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5 years of experience in GRC, IT audit, risk management, or information security
  • Experience working within one or more frameworks (SOC 2, ISO 27001, NIST CSF, SOX, etc.)
  • Familiarity with control design, testing methodologies, and audit processes
  • Experience collaborating with cross-functional teams (IT, Security, Legal, Finance)
  • Strong documentation, communication, and organizational skills
Job Responsibility
Job Responsibility
  • Support governance, risk, and compliance programs across IT and business functions
  • Conduct risk assessments, control testing, and gap analysis for systems and processes
  • Assist with audit readiness efforts (internal/external), including evidence collection and documentation
  • Maintain and update policies, procedures, and control frameworks
  • Monitor compliance against frameworks such as SOC 2, ISO 27001, NIST, HIPAA, PCI-DSS, or SOX (as applicable)
  • Track remediation efforts and partner with stakeholders to address audit findings and control gaps
  • Support third-party/vendor risk assessments and ongoing monitoring
  • Leverage GRC tools to manage risk registers, controls, and reporting
  • Provide reporting and dashboards on risk posture and compliance status to leadership
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Read More
Arrow Right

Grc Analyst

We are looking for a proactive and analytical GRC Analyst to join our CISO team....
Location
Location
India , Pune
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field
  • 2+ years of experience in GRC, enterprise risk management, or information security roles
  • Experience supporting SOC 2 and/or ISO 27001 audits
  • Working knowledge of privacy regulations and information security frameworks (e.g., NIST, CIS, ISO 27001, GDPR)
  • Experience with GRC platforms or risk management tools (e.g., OneTrust, ServiceNow, Archer) is an advantage
  • Familiarity with cloud security concepts (AWS, Azure, GCP) and SaaS environments
  • One or more of the following Certificates (Highly desirable): CISSP, CRISC, CISA, CISM, CGRC
Job Responsibility
Job Responsibility
  • Maintain and continuously improve the Enterprise Risk Management framework
  • Facilitate enterprise-wide risk assessments across business units
  • Develop and maintain risk taxonomy, scoring methodology, and risk registers
  • Define and monitor Key Risk Indicators (KRIs) and risk metrics
  • Conduct control effectiveness reviews in partnership with control owners
  • Support risk assessments related to cloud, SaaS, AI, and emerging technologies
  • Ensure compliance with relevant laws, regulations, and standards (e.g., SOC 2, ISO 27001, NIST, GDPR)
  • Support internal and external audits, including evidence collection, documentation preparation, and stakeholder coordination
  • Collaborate with cross-functional teams, including Legal, Procurement, R&D, and IT, to address GRC-related matters
  • Assist in the continuous improvement of GRC programs and initiatives
What we offer
What we offer
  • great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Grc Analyst

Rogo is hiring a GRC Analyst to support our customer trust, security assurance, ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
rogodata.com Logo
Rogo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience supporting customer-facing security, compliance, or trust functions at a SaaS or cloud-native company
  • Comfortable translating technical security concepts into clear, concise written responses
  • Understand common enterprise security expectations across areas such as cloud infrastructure, access control, data protection, and incident response
  • Detail-oriented and capable of managing multiple parallel requests without sacrificing quality
  • Communicate clearly with both technical and non-technical stakeholders
  • Exercise strong judgment when handling sensitive or ambiguous security questions
  • Enjoy operating at the intersection of security, compliance, and customer engagement
Job Responsibility
Job Responsibility
  • Support Rogo’s customer trust and security assurance processes, including responding to customer security inquiries and risk assessments
  • Serve as a key point of contact for customer security reviews, partnering with internal teams to provide accurate, consistent, and timely responses
  • Maintain and improve Rogo’s security documentation and response materials, ensuring alignment with current systems and controls
  • Collaborate with security and engineering teams to understand and articulate technical controls in a customer-facing context
  • Support compliance initiatives across frameworks such as SOC 2, ISO 27001, ISO 42001, EU AI Act, UK Cyber Essentials, and GDPR, including evidence collection and audit readiness
  • Identify common themes and gaps surfaced through customer inquiries and contribute to continuous improvement of security and compliance practices
  • Help streamline and scale trust-related workflows as customer volume and enterprise requirements grow
  • Fulltime
Read More
Arrow Right

GRC Analyst

A GRC Analyst within the Cyber Governance, Risk, and Compliance (GRC) team is a ...
Location
Location
United States , Las Vegas; Austin
Salary
Salary:
119932.00 - 222732.00 USD / Year
aristocratgaming.com Logo
Aristocrat Gaming
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s degree and 2 years of experience in cybersecurity field
  • University / bachelor’s degree and 4 years’ experience in cybersecurity field
  • Associate’s degree and 8 years' experience in cybersecurity field
  • Experience in Learning and Development or Communications is a plus
  • Experience in policy management lifecycle management from creation to communication to delivery
  • Working knowledge of cybersecurity awareness training terminology such as phishing, smishing, ransomware, etc.
  • Experience designing and deploying corporate-level awareness programs
  • Ability to create and deliver on strategic needs for awareness and training program
  • Experience in using Artificial Intelligence (AI) tools to create, refine, personalize, and deliver training content
  • Comprehensive and effective communication skills
Job Responsibility
Job Responsibility
  • Maintain and continuously improve the cybersecurity Policies Program
  • Process and assess risk exceptions to Aristocrat Security Policies, Standards, and Technical Security Requirements
  • Manage and advance a Security Awareness and Training Program
  • Continuously deliver maturity enhancements to the Security Awareness program using AI tools
  • Create role-based training curriculum across the organization focusing on the protection of resources and data
What we offer
What we offer
  • health, dental, and vision insurance
  • paid time off
  • 401(k) plan with employer matching
  • Fulltime
Read More
Arrow Right

Senior Cyber Security GRC Analyst

We are currently seeking a Senior Cyber Security GRC Analyst to join FinXL and t...
Location
Location
Australia , North Sydney
Salary
Salary:
Not provided
finxl.com.au Logo
FinXL
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience as a Senior Cyber Security GRC Analyst
  • Strong experience in Cyber Security GRC, Risk, or Compliance roles
  • Experience working with control frameworks such as NIST SP 800-53
  • Experience writing policies, standards, and control documentation from scratch
  • Experience conducting control assurance, testing or audit support activities
  • Experience in stakeholder engagement, running workshops & influencing outcomes
  • Experience implementing security controls
  • Experience in control uplift or transformation programs
  • Experience translating NIST security controls into clear, business-friendly requirements
  • Experience defining control objectives, parameters & implementation guidance aligned to organisational context
Job Responsibility
Job Responsibility
  • Support the definition, documentation & assurance of security controls aligned to NIST SP 800-53
Read More
Arrow Right

Senior Staff Analyst, GRC

Mozilla Corporation is the non-profit-backed technology company that has shaped ...
Location
Location
Germany;Canada;Spain;United States;United Kingdom
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in developing and delivering an integrated GRC framework
  • Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework
  • Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements
  • Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc)
  • Hands-on understanding of using various technology and tools (SEIM, BI Tools, )
  • Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams
  • Strong critical thinking skills with the ability to drive long term organizational impact
  • A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes
  • Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change
Job Responsibility
Job Responsibility
  • Develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives
  • Lead the creation and enforcement of standards, policies, controls, audits, reporting across various enterprise and product verticals
  • Develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues
  • Define and deliver measurable scorecards and metrics to enable data driven decision making
  • Ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC2, CCPA, GDPR, etc)
  • Lead internal and external audit activities including tracking and resolving deficiencies and remediations
  • Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework
  • Led defining requirement and reporting (scorecards) of data life cycle management across enterprise and product domains working with data platform and legal team
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Senior Staff Analyst, GRC

The role is part of the Security Function within the broader Mozilla Infrastruct...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in developing and delivering an integrated GRC framework
  • Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework
  • Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements
  • Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc)
  • Hands-on understanding of using various technology and tools (SEIM, BI Tools)
  • Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams
  • Strong critical thinking skills with the ability to drive long term organizational impact
  • A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes
  • Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change
Job Responsibility
Job Responsibility
  • Governance : develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives. Lead the creation and enforcement of standards, policies, controls, audits, reporting across various enterprise and product verticals
  • Risk Mgmt : develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues. Define and deliver measurable scorecards and metrics to enable data driven decision making
  • Compliance : ensure compliance with various regulatory standards and frameworks ( ISO, NIST, SOC2, CCPA, GDPR, etc). Lead internal and external audit activities including tracking and resolving deficiencies and remediations
  • Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework
  • Led defining requirement and reporting (scorecards) of data life cycle management across enterprise and product domains working with data platform and legal team
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Information Security GRC Analyst

Our Financial Services client has an exciting vacancy within their Information S...
Location
Location
United Kingdom , Liverpool
Salary
Salary:
40000.00 - 50000.00 GBP / Year
brosterbuchanan.com Logo
Broster Buchanan
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2 – 3 years’ experience in information security roles
  • Experience with risk assessment methodologies
  • Excellent analytical and problem-solving skills with attention to detail
  • Strong communication skills with the ability to explain complex security concepts to non – technical stakeholders
  • Knowledge of information security frameworks such as ISO 27001 or NIST
  • Eligibility to work in the UK
Job Responsibility
Job Responsibility
  • Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion
  • Support the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards
  • Support third party risk management processes
  • Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities
  • Manage security architecture reviews for new systems and services
  • Evaluate security controls and recommending improvements
  • Support the implementation of security tools and technologies
  • Provide oversight of the security incident management process
  • Provide security metrics for interested parties at all levels
  • Support the security awareness programme to promote a culture of security within all levels of the Group
  • Fulltime
Read More
Arrow Right