Risk and Compliance Analyst
Join a Montreal headquarter company that helps organizations around the world create a personalized journey of impact and fulfillment for their people. Explorance offers innovative People Insight Solutions because we believe that each experience matters.
Reporting to the InfoSec Compliance and Governance Officer based in Montreal, your role as a Risk and Compliance Analyst will be to contribute to improving Explorance’s security and privacy compliance maturity level. You will liaise with Business, HR, Development, and IT teams to support the implementation of controls, monitor compliance activities, perform weekly follow-up on remediation activities, deliver compliance related training, collaborate with external auditors, and contribute to IT Compliance
The position is core to Explorance’ s overall Information Security Program including but not limited to daily operations of the security program, oversight of the annual and ongoing risk-based programs, development, implementation, and update of policies and procedures, ensuring the confidentiality, integrity and access to information and of monitoring program compliance as well as support investigation and tracking of incidents and in compliance with local and global regulations and legal requirements.
This is a posting for a full-time, in-office position at our Montreal, Canada headquarters. All candidates must already be eligible to work in Canada. Foreign candidates that do not clarify their eligibility to work in Canada will not be considered.
What you will do as our new Risk and Compliance Analyst:
- Perform quarterly internal audits of Explorance’s InfoSec and Governance controls;
- Stay up to date with, and ensure compliance with applicable laws and regulations;
- Develop, communicate, and review policies and processes;
- Perform occasional internal audits; and escalate and manage compliance issues to resolution;
- Co-manage the Explorance Security Awareness portal and campaigns;
- Curate and develop the Compliance and Governance knowledge repository regarding security and privacy regulations, best practices, tools, and techniques;
- Support the internal business units throughout the SOC2 audit cycle;
- Liaise between internal stakeholders and external auditors;
- Assist in the documentation and communication of regularly scheduled validation of common controls;
- Assist in the development, reporting, and institutionalization of risk-based compliance programs (annual programs vs. periodic programs);
- Create and institutionalize standard templates to record audit findings and document related procedure manuals;
- Communicate pertinent, documented, and timely updates to concerned parties regarding changes in controls, procedures, or requirements;
- Collaborate on special projects.
What you need to succeed in that role:
- Bachelor’s degree, or minimum 5 years’ experience in IT, SecOps, Risk Management, Audit, or another related domain.
- Awareness of SOC 2 and the related control criteria is a must, experience is preferred;
- Experience in risk management & internal auditing;
- Working knowledge of ITIL, or COBIT. Certification in either is preferred;
- Demonstratable skills with Microsoft SharePoint, advanced Excel formatting and calculations, collaborative use of Word and group sharing;
- Excellent awareness of Business Process Management (BPM) and maturity models;
- Knowledge of current privacy laws, and awareness of upcoming regulations;
- Strong writing and analytics skills
- Excellent ability to work with all business units within the organization (Sales, Support, Security, Operations, C-Level)
- High level of ethics and able to work independently
- Excellent grasp English, French, spoken and written
- Excellent ability to effectively communicate with various types of stakeholders a must (C-level, Sales, HR, IT)
- Proven ability to work well under pressure to meet deadlines
- Service-oriented with the ability to communicate well with other business units
Kindly note that employment is contingent upon receipt of a satisfactory background and reference check.
Founded in 2003, Explorance supports more than 20 million students and employees in their professional journey of purpose, growth, and impact.
As the leading provider of People Insight Solutions, Explorance focuses on where people experiences converge with talent effectiveness. By connecting the moments that matter, we bring together a unified picture of needs, expectations, skills, knowledge, and competency. By providing proven measurement expertise and decision-grade AI-enabled recommendations, we help accelerate the insight-to-action cycle, enabling organizational agility and individual success.
Headquartered in Montreal with business units in Chicago, Chennai, Melbourne, Amman, and London, Explorance works with 25% of the Fortune 100 companies and the world’s top Higher Education institutions. Explorance has been consistently recognized for its culture of high trust by the Great Place to Work® Institute, and as a Deloitte Technology Fast 500™ organization. To learn more, please visit Explorance.com or connect with us on LinkedIn, Facebook, and Twitter.