GRC Analyst supporting enterprise risk management and compliance at Coupa. Analyzing risk data and maintaining vendor assessments in a collaborative environment.
About the role
- Information Services Co-op supporting cybersecurity governance, risk, and compliance along with IT contract management at Aecon, a leader in infrastructure development.
Responsibilities
- Assist in the development, maintenance, and implementation of the Information Security GRC program.
- Conduct risk assessments, vulnerability assessments, and gap analyses to identify security risks and compliance gaps.
- Support the creation, review, and updating of security policies, standards, SOPs, and process documentation.
- Maintain and update the organization’s security controls library.
- Perform compliance checks to ensure security controls are implemented and functioning as intended.
- Assist in collecting evidence for audits, assessments, and certification activities (e.g., SOC 2, ISO, internal audits).
- Collaborate with stakeholders across Information Services and business units to embed security and compliance requirements into processes and projects.
- Support the review and processing of IT-related procurement requests, including software renewals, new tools, hardware, SaaS platforms, and professional services.
- Assist in drafting, reviewing, and organizing contract documentation such as Statements of Work (SOWs), Master Service Agreements (MSAs), and Data Processing Agreements (DPAs).
- Work with the Procurement team and IS leadership to ensure contracts align with security, legal, and compliance requirements.
- Coordinate with vendors to gather necessary documentation, clarify contract requirements, and track deliverables.
- Support RFX processes (RFQs, RFIs, RFPs) by helping prepare documents, consolidate vendor responses, and evaluate submissions.
- Help maintain vendor records, contract repositories, renewal calendars, and risk assessments in collaboration with IT and Procurement.
- Assist in monitoring vendor performance and compliance with contractual obligations, including cybersecurity expectations.
Requirements
- Currently enrolled in a Computer Science, Information Security or equivalent program
- Familiarity with risk assessment methodologies and tools
- Strong analytical and organizational skills with high attention to detail.
- Excellent communication skills with the ability to collaborate across teams.
- Ability to manage multiple tasks, prioritize effectively, and work in a fast-paced environment.
- Experience with Excel, SharePoint, or document management tools is an asset.
Benefits
- Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being.
- Believe in helping you build your career through our Aecon University and Leadership Programs.
- Are committed to supporting and investing in inclusive work environments, through initiatives like Equity, Diversity & Inclusion training, our Aecon Women in Trades and Aecon Diversity in Trades programs, and our Employee Resource Groups (ERGs) to ensure we are building inclusion into every aspect of our culture at Aecon.
- Are a leader in sustainable construction. With a strong commitment to operating responsibly by minimizing our impact on the environment and surrounding communities.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Regulatory Compliance Manager at Moneycorp managing compliance oversight and advisory for payments and MiFID - regulated entities. Ensuring compliance with regulations and managing regulatory risks to support the business growth.
Head of Analytics and Portfolio Intelligence at Nium delivering risk and compliance analytics. Shaping governance and proactive risk reporting within a top fintech company.
Agent ou agente de soutien aux programmes et à la conformité at Collège Boréal. Collaborating on compliance and quality assurance processes and tools.
Regulatory Associate managing US/regional contributions to Global Regulatory Strategies and implementation plans at Pfizer. Collaborating with cross - functional teams ensuring compliance with regulations while advancing patient access.
Graduate role in FinTech focusing on Regulatory Reporting solutions with clients at Suade. Working directly on implementation projects and contributing to regulatory change initiatives.
AVP Enterprise Compliance managing compliance relationships and oversight for financial services. Collaborating with clients and maintaining compliance programs in Sioux Falls.
Seeking a Summer Student Intern for Risk Compliance at Tarion. Engage in multimedia creation while learning risk management skills in a hybrid work environment.
Regulatory Affairs Manager leading regulatory submissions for medical device company. Ensuring compliance with global regulations and facilitating market access for products.
Sales Admin & Compliance Specialist at Zalaris managing sales processes and ensuring contract compliance. Supporting the sales team with document management and CRM development.