×
Register Here to Apply for Jobs or Post Jobs. X

GRC Analyst

Job in Ottawa, Ontario, Canada
Listing for: Fullscript
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 CAD Yearly CAD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

About Fullscript

We’re an industry-leading health technology company on a mission to help people get better. We started in 2011 with one simple idea. Make it easier for practitioners to access the products they trust so they can deliver better care.

We’re an industry-leading health technology company on a mission to help people get better. We started in 2011 with one simple idea. Make it easier for practitioners to access the products they trust so they can deliver better care. That simple idea grew into a platform that powers every part of care. Today, more than 125,000 practitioners use Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high-quality supplements.

Over 10 million patients rely on Fullscript to stay connected to their care plans and follow through on treatment.

We build tools that make care smarter and more human. Tools that save time, simplify decisions, and help practitioners stay closely connected to the people they care for. When everything they need is in one place, they can focus on what matters most: helping people get better.

What you’ll do Enterprise Risk Management
  • Identify, document, and assess security and operational risks across business units
  • Maintain a comprehensive and up-to-date enterprise risk register
  • Apply a consistent methodology for evaluating risk likelihood, impact, ownership, and treatment
  • Partner with risk owners to ensure risks are clearly articulated and appropriately managed
Risk Governance & Decision Support
  • Ensure risk acceptance, mitigation, and transfer decisions are documented, traceable, and aligned with Fullscript’s risk appetite
  • Track remediation efforts and follow up with stakeholders to ensure timely risk reduction
  • Produce clear, data-driven risk reporting and dashboards to support leadership and executive decision-making
Third-Party Risk Management
  • Support and manage Fullscript’s third‑party risk management program
  • Conduct risk assessments for vendors and partners, including onboarding and periodic reviews
  • Collaborate with Procurement, Legal, Security, and Engineering to ensure third‑party risks are identified and addressed
Cross-Functional Collaboration
  • Partner with Security, Engineering, IT, Legal, Compliance, and business teams to surface emerging risks
  • Act as a trusted partner and advisor on risk-related questions across the organization
  • Help drive clarity around risk ownership and accountability
Program Development & Continuous Improvement
  • Help define, document, and refine risk management processes, standards, and procedures
  • Contribute to policies and controls that support effective risk governance
  • Support audit, compliance, and regulatory activities by providing risk context and evidence
What you bring to the table Risk & GRC Foundations
  • Experience in governance, risk management, compliance, security operations, IT risk, or a related field
  • Understanding of security and operational risk concepts and common risk management frameworks
  • Ability to assess technical and non‑technical risks and translate them into business impact
Analytical & Communication Skills
  • Strong analytical and problem‑solving skills, with the ability to identify patterns and trends in risk data
  • Experience creating clear documentation, reports, and dashboards for technical and non‑technical audiences
  • Strong verbal and written communication skills
Collaboration & Growth Mindset
  • Ability to work cross‑functionally and influence without direct authority
  • Willingness to ask questions, seek feedback, and continuously improve processes
  • Comfortable operating in a growing, evolving environment where programs are being built and scaled
Judgment & Decision-Making
  • Strong situational awareness and judgment when evaluating risk trade‑offs
  • Ability to support and influence risk decisions with data and context
Bonus if you have
  • Experience with third‑party risk management programs
  • Familiarity with frameworks such as NIST, ISO 27001, SOC 2, CIS, or HITRUST
  • Experience supporting audits or executive and board‑level risk reporting
  • Background in security operations, compliance, or incident response
What We Can Offer You
  • Generous PTO and competitive pay
  • Fullscript’s RRSP match program…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary