Director, Governance, Risk, and Compliance (GRC)

Meet Benevity

The worlds coolest companies (and their employees) use Benevitys technology to take social action on the issues they care about. Through giving volunteering grantmaking employee resource groups and micro-actions we help most of the Fortune 100 brands build better cultures and use their power for good. Were also one of the first B Corporations in Canada meaning were as committed to purpose as we are to profits. We have people working all over the world including Canada Spain Switzerland United Kingdom the United States and more!

We are looking for a strategic and hands-on Director of Governance Risk and Compliance (GRC) to build and lead a high-performing function responsible for ensuring the ethical secure and compliant operation of our business. This individual will develop and oversee frameworks and processes that support regulatory compliance privacy financial integrity enterprise risk management and the safe effective movement of funds across our platform.

You will report to the Associate Vice President of Information Security and collaborate closely with stakeholders across Legal Finance Product Engineering Client Success and more. This is an ideal opportunity for a GRC leader with a strong mix of operational experience regulatory knowledge and a passion for enabling innovation through trust and accountability.

What youll do:

• Develop and maintain security privacy and compliance policies aligned with industry standards and evolving regulations
• Oversee internal controls supporting security data protection and financial integrity and lead audits self-assessments and readiness for certifications (e.g. SOC 2 ISO 27001)
• Design and lead an enterprise risk management framework working with senior leaders to embed risk mitigation into operations and planning and provide regular insights to leadership
• Ensure global privacy compliance (e.g. GDPR CCPA) in partnership with Legal and Product while managing DPIAs DSARs and promoting a privacy-by-design culture
• Oversee compliance with financial reporting standards charitable disbursement regulations AML and sanctions screening ensuring readiness for regulatory changes
• Build client trust by demonstrating Benevitys security and compliance maturity; engage with clients and partners to provide transparency and respond to due diligence requests
• Support contract reviews to ensure alignment between client requirements and Benevitys security and privacy controls
• Implement scalable GRC tools to automate policy risk audit and reporting processes as the company expands
• Lead a collaborative inclusive GRC team serving as a trusted partner across the business and driving company-wide awareness and accountability in compliance and risk management

What youll bring:

• 8 years of experience in governance risk management compliance or related domains preferably in a SaaS or fintech environment
• Deep understanding of regulatory frameworks and standards (e.g. SOC 2 ISO 27001 GDPR CCPA AML sanctions SOX)
• Experience engaging directly with clients regulators or auditors to convey security practices and manage trust-based relationships
• Proven ability to manage complex audits and assessments and implement remediation plans effectively
• Experience designing and implementing enterprise risk and/or privacy programs
• Strong cross-functional leadership skills with a collaborative and pragmatic approach
• Familiarity with charitable disbursement regulations and financial compliance requirements is a strong asset

Bachelors degree in a relevant field (e.g. Business Law Information Security); certifications such as CISA CIPP or CRISC are preferred

Discover your purpose at work

We are not employees we are Benevity-ites. From all locations backgrounds and walks of life who deserve more

Innovative work. Growth opportunities. Caring co-workers. And a chance to do work that fills us with a sense of purpose.

If the idea of working on tech that helps people do good in the world lights you up ... If you want a career where youre valued for who you are and challenged to see who you can become

Its time to join Benevity. Were so excited to meet you.

Where we work

At Benevity we embrace a flexible hybrid approach to where we work that empowers our people in a way that supports great work strong relationships and personal well-being. For those located near one of our offices while theres no set requirement for in-office time we do value the moments when coming together in person helps us build connection and collaboration. Whether its for onboarding project work or a chance to align and bond as a team we trust our people to make thoughtful decisions about when showing up in person matters most.

Join a company where DEIB isnt a buzzword

Diversity equity inclusion and belonging are part of Benevitys DNA. Youll see the impact of our massive investment in DEIB daily from our well-supported employee resources groups to the exceptional diversity on our leadership and tech teams.

We know that diverse backgrounds experiences skills and passions are what move our business and our people forward so were committed to creating a culture of belonging with equal opportunities for everyone to shine.

That starts with a fair and accessible hiring process. If you want to feel seen heard and celebrated you belong at Benevity.

Candidates with disabilities who may require accommodations throughout the hiring or assessment process are encouraged to reach out to