Job Description

Meet Benevity Benevity is the way the world does good, providing companies (and their employees) with technology to take social action on the issues they care about. Through giving, volunteering, grantmaking, employee resource groups and micro-actions we help the majority of Fortune 100 brands build better cultures and use their power for good. We’re also one of the first B Corporations in Canada, meaning we are as committed to purpose as we are to profits. We have people working all over the world, including Canada, Spain, Switzerland, the United Kingdom, the United States and more. Benevity is seeking a Senior Governance Risk & Compliance (GRC) Analyst to elevate our security governance, risk, privacy and regulatory program. In this senior role you will drive execution, innovation and continuous improvement of Benevity’s GRC program, lead compliance activities, conduct risk assessments, contribute to third‑party risk management, respond to client due‑diligence requests, support FINTRAC/AML obligations, and influence policies and controls that strengthen trust with our clients, partners and stakeholders. What you’ll do Contribute to the development and maintenance of security and privacy policies, standards and control frameworks aligned with ISO 27001, SOC 2, NIST, PCI DSS, GDPR, PIPEDA, FINTRAC and other global regulations. Support policy approvals, exception handling and attestation processes while identifying opportunities for automation and process improvements. Lead and execute enterprise risk assessments, including vendor and process‑level reviews. Maintain and enhance the enterprise risk register, track remediation efforts and support risk treatment planning. Support Benevity’s Third‑Party Risk Management program, including vendor assessments, monitoring and remediation tracking. Lead readiness and response efforts for ISO 27001, SOC 2, PCI DSS, GDPR and other audits and certifications. Coordinate evidence collection, control validation and engagement with auditors and external assessors. Use GRC platforms to streamline audit, privacy and compliance workflows. Support Sales by responding to client inquiries, RFPs and third‑party risk requests related to security and privacy. Partner with Sales and Client Success to deliver accurate, timely information that builds client trust and confidence. Support cross‑jurisdictional privacy compliance initiatives (GDPR, PIPEDA, CCPA/CPRA) in collaboration with Legal and Data Governance. Assist with FINTRAC‑related requirements, including AML/ATF risk assessments and reporting. Monitor privacy, AML and financial crime regulations and contribute to process alignment and compliance readiness. Partner with business and technical teams to embed risk and compliance into key initiatives. Deliver executive‑ready reports, dashboards and risk insights to inform leadership decision‑making. Lead the Security Awareness & Training program, including campaigns, training modules and phishing simulations. Create documentation, training and awareness activities that promote a strong culture of security, privacy and compliance. Mentor junior team members by providing guidance, feedback and knowledge sharing to support their development. What you’ll bring 5 years of experience in cybersecurity governance, risk, compliance or privacy, ideally in a SaaS or high‑growth environment. Strong knowledge of security, privacy and regulatory frameworks, including ISO 27001, NIST, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC and CCPA/CPRA. Hands‑on experience with GRC tooling (e.g. OneTrust, Hyperproof, SecurityPal, AuditBoard, Drata) to manage policies, risks, audits, privacy and vendor‑risk workflows. Proven success in conducting risk assessments, managing vendor risk/TPRM, maintaining risk registers and driving remediation. Experience supporting client due‑diligence processes (security questionnaires, RFPs, TPRM). Ability to clearly communicate risk, security, privacy and regulatory concepts to both technical and non‑technical stakeholders. Strong organizational and project‑management skills with experience leading cross‑functional initiatives. A demonstrated interest and track record in leveraging automation and AI to streamline GRC processes and enhance efficiency. Certifications such as CISM, CRISC, CISSP, CISA or CIPM/CIPP are highly valued. Discover your purpose at work We’re not just employees; we’re Benevity‑ites. From all locations, backgrounds and walks of life, we deserve more than just an innovative job. We offer growth opportunities, caring co‑workers and a chance to do work that fills us with a sense of purpose. If the idea of working on tech that helps people do good in the world lights you up, and you want a career where you’re valued for who you are and challenged to see who you can become, it’s time to join Benevity. We’re so excited to meet you. Where We Work At Benevity we embrace a flexible hybrid approach to where we work that empowers our people to produce great work, build strong relationships and nurture personal well‑being. For those located near one of our offices, while there’s no set requirement for in‑office time, we do value the moments when coming together in person helps us build connection and collaboration. When onboarding, project work or aligning as a team, we trust our people to make thoughtful decisions about when showing up in person matters most. Join a company where DEIB isn’t a buzzword Diversity, equity, inclusion and belonging are part of Benevity’s DNA. You’ll see the impact of our massive investment in DEIB daily through our well‑supported employee resource groups and the exceptional diversity of our leadership and tech teams. We know that diverse backgrounds, experiences, skills and passions move our business and our people forward, so we’re committed to creating a culture of belonging with equal opportunities for everyone to shine. That starts with a fair and accessible hiring process. If you want to feel seen, heard and celebrated, you belong at Benevity. Candidates with disabilities who may require accommodations throughout the hiring or assessment process are encouraged to reach out to us. #J-18808-Ljbffr Benevity

Job Tags

Similar Jobs