• We are seeking a highly motivated and detail-oriented GRC Analyst to join our growing team
• In this role, you will play a crucial part in supporting our compliance, risk management, and privacy initiatives
• You will work closely with the Director of Security & GRC and the Sr
• GRC Analyst, collaborating with cross-functional teams to ensure adherence to regulatory requirements, industry standards, and internal policies
• This is an excellent opportunity for someone looking to contribute meaningfully to a dynamic and fast-paced environment
• Serve as a key resource in supporting all audit-related activities including bank partner audits, SOC 2 reporting, and assessments against regulatory and industry standards (e.g., ISO, NIST)
• Respond to compliance requests, including detailed security questionnaires, request for proposals (RFPs), and bank partner due diligence requests
• Utilize remediation reports and findings analysis to identify trends and systemic weaknesses, actively working to bolster the organization’s security and compliance posture
• Collaborate with cross-functional teams to ensure compliance with contractual obligations, laws, regulations, and internal policies
• Contribute to the development and implementation of GDPR-compliant data privacy policies and procedures
• Maintain policies, practices, and procedures related to the ethical use and security of Artificial Intelligence (AI), ensuring compliance with emerging AI regulations and internal best practices
• Maintain, revise, and communicate organizational security policies, standards, and procedures to ensure they align with emerging regulations, evolving technology, and business objectives

Benefits

• 4-Week Vacation
• Health & Wellness Coverage
• 100% Parental Leave Top-Up
• Downtown Vancouver Offices & Amenities including fitness centre
• Daily Coffee Runs & Weekly Team Lunches
• MacBook / Apple equipment- Compliance certifications (e.g., CISA, CIPP, Security +) are a plus
• 3+ years of experience in a compliance, risk management, or related role
• Bachelor’s degree or equivalent work experience
• Exceptional ability to translate complex security requirements and control deficiencies into clear, actionable language for both technical staff and business stakeholders
• Familiarity in AI/ML risks and control requirements for responsible AI deployment
• Working knowledge of data privacy laws (PIPEDA, GDPR, CCPA)
• Ability to work independently and collaboratively
• Excellent attention to detail, organizational skills, and problem-solving abilities
• Strong understanding of compliance and audit principles including SOC 2 & ISO