Meet Benevity
Benevity is the way the world does good, providing companies (and their employees) with technology to take social action on the issues they care about. Through giving, volunteering, grantmaking, employee resource groups and micro-actions, we help most of the Fortune 100 brands build better cultures and use their power for good. We’re also one of the first B Corporations in Canada, meaning we’re as committed to purpose as we are to profits.
We have people working all over the world, including Canada, Spain, Switzerland, the United Kingdom, the United States and more!
Benevity is seeking a Governance, Risk & Compliance (GRC) Analyst to support and grow our security governance, risk, privacy, and regulatory program. In this role, you will contribute to the execution of Benevity’s GRC program by supporting compliance activities, assisting with risk assessments, contributing to third‑party risk management, responding to client due diligence requests, and helping maintain the policies and controls that strengthen trust with our clients, partners, and stakeholders.
Working alongside experienced GRC professionals, you will build your skills in information security, compliance, and risk management while helping ensure Benevity aligns with leading standards, privacy laws, and regulatory requirements. This is a hands‑on role with significant learning and growth opportunities across governance, risk, audit, and privacy domains.
What you’ll do:Governance & Policy
- Assist in maintaining and rolling out security and privacy policies, standards, and control frameworks aligned to ISO 27001, SOC 2, NIST, PCI DSS, GDPR, PIPEDA, FINTRAC, and other global regulations.
- Support policy exception management, attestation processes, and identify opportunities for process improvement.
- Assist with enterprise risk assessments, including vendor and process‑level reviews.
- Support maintenance of the risk register, track remediation activities, and assist with risk treatment planning.
- Contribute to Benevity’s Third‑Party Risk Management (TPRM) program, including vendor onboarding assessments, ongoing monitoring, and remediation tracking.
- Support audit readiness and response efforts for ISO 27001, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC, and other frameworks.
- Assist with evidence gathering, control validation, and auditor engagement.
- Leverage GRC platforms to support audit, privacy, and compliance workflows.
- Support the sales process by responding to client inquiries related to security, privacy, and compliance.
- Complete customer security questionnaires, RFPs, and third‑party risk management (TPRM) requests.
- Partner with sales and client success teams to provide timely, accurate responses that build client trust.
- Support privacy‑related initiatives across jurisdictions (GDPR, PIPEDA, CCPA/CPRA, and others).
- Collaborate with legal and data governance teams to help ensure compliance with data protection and financial crime regulations.
- Assist with FINTRAC‑related compliance requirements, including reporting and risk assessments related to AML/ATF obligations.
- Monitor regulatory changes (privacy, AML, financial crime) and help align internal processes accordingly.
- Partner with business and technical teams to support the embedding of risk and compliance into projects and initiatives.
- Assist in delivering reporting and insights (dashboards, risk metrics, summaries) for leadership.
- Contribute to Benevity’s Security Awareness & Training program, including awareness campaigns, training modules, and phishing simulations.
- Contribute to training, documentation, and awareness activities that strengthen Benevity’s security, privacy, and compliance culture.
- 2–4 years of experience in cybersecurity, governance, risk, compliance, or privacy, ideally in a SaaS or technology‑driven environment. (For a Junior GRC Analyst, we welcome candidates with 0–2 years of experience, including relevant internship, co‑op, or academic project experience.)
- Working knowledge of security, privacy, and regulatory frameworks…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: