Senior GRC Analyst at McCarthy Tétrault managing cybersecurity risk assessments and audits. Implementing GRC policies and ensuring compliance with regulatory changes.
Responsibilities
Implementing and maintaining GRC policies, procedures, and controls aligned with ISO/IEC 27001:2022, NIST, and other relevant standards.
Conducting risk assessments across business units, IT systems, and third-party vendors.
Tracking and reporting on risk mitigation plans and residual risk.
Monitoring regulatory changes (e.g., PIPEDA, GDPR, Quebec Law 25) and ensuring timely updates to internal controls and documentation.
Coordinating internal and external audits, including evidence collection, control testing, and remediation tracking.
Preparing dashboards and reports on risk posture, compliance status, and control effectiveness for review by the GRC Manager and senior leadership.
Developing and delivering GRC-related training and awareness sessions to promote a culture of compliance and risk ownership.
Capturing and documenting risks for inclusion in the enterprise risk register, ensuring traceability and accountability.
Administering GRC platforms (e.g., Archer, ServiceNow GRC) and contributing to automation of workflows and reporting.
Identifying opportunities to enhance risk management processes and drive a culture of security and compliance across the organization.
Advising senior leadership on emerging risks, regulatory trends, and best practices.
Influencing and building consensus among diverse stakeholders, including both technical and non-technical teams.
Requirements
Bachelor’s degree in Information Security, Risk Management, or a related field.
Minimum 5 years of experience in GRC, risk management, or compliance roles.
Certifications such as ISO/IEC 27001 Lead Auditor, CIPP, CISM, CRISC, or CISSP preferred.
Strong analytical, communication, and interpersonal skills, with the ability to translate technical risks into business impact, influence decision-making, and build consensus across diverse stakeholders.
Experience working in cross-functional teams and managing multiple priorities.
Familiarity with change management, disaster recovery, and business continuity practices.
Experience with workflow automation and reporting within GRC or AI platforms is an asset.
Hands-on experience with GRC tools (e.g., Archer, ServiceNow GRC) is preferred.
Benefits
Outstanding benefits from day one, including insurance premiums paid by the Firm and wellness and technology reimbursements.
Competitive compensation, paid overtime and generous time off, including a day off to volunteer and a day off for your birthday.
A commitment to professional development and growth opportunities for our people at all levels, supported by a culture that fully embraces and encourages two-way feedback.
Strong community involvement and a commitment to equity, diversity and inclusion.
A collaborative, cohesive culture that connects lawyers and business teams through collective purpose.