IT Governance, Risk & Compliance Specialist

Posting End Date:

Employee Type:

In todays digital landscape safety is the cornerstone of trust and resilience in the IT space. Cybersecurity risk management and compliance are not just technical requirementsthey are essential safeguards that protect sensitive data ensure operational continuity and uphold regulatory on to know more about this role!

As an IT Specialist Governance Risk & Compliance (GRC) your role is critical to ensuring our organization meets regulatory requirements internal policies and industry standards. This enables us to proactively managerisks anddefend the Company against evolving threatsmaintainstakeholder confidence and create a secure environment where innovation thrives.

We are seeking a talented candidate with direct experience in cybersecuritygovernance riskmanagement and compliance who is passionate aboutdriving a culture of accountability and security across the this is you apply today. #joinourteam

Note: Internally this role is referred to as Specialist I TIS GRC

Whatyou willdo:

Compliance Assurance Monitoring and Reporting

• Manage and coordinate compliance assurance activities including NIST Cybersecurity Framework (CSF) maturity assessments regulatory assessments such as Sarbanes-Oxley (SOx) and Transportation Security Administration Security Directives (TSA SD) and internal audit engagements.

• Collect andvalidatecompliance evidence for audits and assessments.

• Providetimelysupport to stakeholders and subject matter experts in developing responses remediation plans and actionable strategies.

• Perform risk-based compliance checks and controls testing tovalidateeffectiveness.

• Maintainaccuratecompliance performance through dashboards and management reporting.

• Ensuretimelyclosure of audit findings andmaintainaudit logs.

Risk Management Support

• Identifyand reportemergingrisks driven by technological and regulatory changes.

• Contribute to risk assessments and support tracking monitoring and documentation of risks.

Governance Policy and Standard Support

• Assistin reviewing and updating cybersecurity policies standards and procedures.

• Supportgovernanceactivities ensuringdocumentation aligns with organizationalobjectivesand regulatory obligations.

Relationship Management

• Engage with internal stakeholders on compliance-related controls and risks.

• Maintain strong relationships with third-party assessors and internal audit teams to ensure seamless audit execution.

Continuous Improvement

• Identifyopportunities to streamline compliance processes through automation and AI.

• Conductpost-implementation reviewsessions and integrate improvements into frameworks and processes.

Who You Are:

• University degree in computer sciences engineering audit business or related disciplines.

• A minimum of6years of progressive direct experience in the field of information security IT governance compliance cybersecurity audit or risk management.

• Working knowledge of cybersecurity and risk management best practice specifically NIST frameworks.

• Ability to manage concurrent initiatives and conflicting priorities.

• Highly disciplined and professionalregardinghandling confidential information.

• Demonstrated understanding of various compliance and quality assurance roles.

• Ability to effectively interact with personnel involved in policy technical operational and program management work.

• Excellent communicationskillsboth written and verbal.

Preferred:

• Demonstrated understanding of various audit and quality assurance roles.

• Familiarity ofSOxIT controls and regulatory requirements in US and Canada (i.e. TSA Security Directives CFR and CER).

• Ability to effectively collaborate with personnel at all levels involved in policy technical operational and program management activities.

Physical Requirements:

Include but not limited to: Grasping kneeling light moderate lifting (objects up to 20 pounds) reaching above shoulder repetitive motion typing sitting standing visual requirement (able to see screens detect color coding read fine print) hearing requirement and the ability to sit at a computer for long periods of time.

Mental Requirements:

Include but not limited to: Ability to: understand remember and apply oral and/or written instructions or other information understand complex problems and collaborate/explore alternative solutions organize thoughts and ideas into understandable terminology organize and prioritize work schedule on a short-term basis make decisions which have moderate impact on the immediate work unit and monitor impact outside this area understand and follow basic instructions and guidelines complete routine forms compose letters outlines memoranda and basic reports and communicate with individuals via telephone.

Flex-Work:

Enbridge provides competitive workplace programs that differentiate us and offer flexibility to our team members. Enbridges FlexWork (Hybrid Work Model) offers eligible employees the opportunity to work variable daily schedules with a flexible start or end time to opt for a compressed workweek schedule or the option to work from home on Wednesdays and Fridays. Role requirements determine your eligibility for each option. #LI-Hybrid

At Enbridge we are dedicated to our core value of are proud to bean Equal Opportunity Employer. We are committed to providing employment opportunities to all qualified individuals without regard to age race color national or ethnic origin religion sex sexual orientation gender identity or expression marital status family status veteran status Indigenous status disability or any other reason protected by federal state or local with disabilities can request accessible formats communication supports or other accessibility assistance by contacting .

Information For Applicants:

• Applications can be submitted via our online recruiting system only.

• We appreciate your interest in working with us; however only those applicants selected for interviews will be contacted.

• Final candidates for this position may be required to undergo a security screening including a criminal records check.

To learn more about us visit