GRC Analyst 84638

4x French GRC Analysts - 84638

Consultants must accept the hybrid model of 6 days/month in Montreal and 2 days at the Old Port during PI planning which takes place every 8 weeks.

Pay Rate: CAD $80/h INC
Length: 6 months with chance of extension 40h/week

About the Role

As a GRC analyst you will collaborate on the implementation of governance risk management and compliance activities in the areas of information technology and cybersecurity. The analyst will play a key role as a cross-functional specialist ensuring that GRC controls frameworks and processes are aligned with the organizations legal regulatory and strategic requirements.

Responsibilities:

• Governance: Frameworks: collaborate in drafting socializing and evolving frameworks standards and processes in IT and cybersecurity.
• GRC Reporting: Collaborate in the reporting process for the various decision-making bodies of the organization.
• Support: Support delivery teams product owners solution and enterprise architects to ensure proper understanding and implementation of organizational frameworks requirements and controls.
• Risk management: Risk posture: collaborate to define assess and document the risk posture of IT assets. Identify and document the taxonomy of technological risks.
• Information asset protection level: collaborate to define and draft the models and methodologies that will be used to build IT asset protection level agreements.
• Risk support: supporting delivery teams product owners solution and enterprise architects to ensure proper understanding and implementation of protection levels for identified risks.
• Technological risk register: collaborate to document maintain and evolve the organizations technological risk register.
• Compliance and overall quality: Compliance metrics: collaborate to define and write the models and methodologies that will be used to build IT compliance dashboards.
• Monitoring and compliance with standards and regulatory frameworks: ensuring monitoring and compliance with standards and regulatory frameworks imposed by the client (e.g. ISO/IEC 27701 ISO 27001 NIST CSF2.0 Law 25 PCIDSS).
• Internal and external audit: collaborate with internal and external auditors to coordinate the collection of evidence and ensure compliance with the action plans they recommend.

Must Haves:

• 15 years in a GRC role
• Experience in Cloud environments (MS Azure AWS GCP)
• Knowledge of regulatory frameworks and standards (e.g. ISO/IEC 27701 ISO 27001 NIST CSF2.0 Law 25 PCI-DSS)

Nice to Have

• Experience in SAFe/Agile environments

Vacancy Status

This is an active contract position currently open for hiring.

Use of Artificial Intelligence

No artificial intelligence (AI) is used in the screening or selection process. All applications are reviewed by our recruitment team.

Equal Opportunity

emergiTEL is committed to creating a diverse and inclusive workplace. We welcome applications from all qualified individuals regardless of background. Hiring decisions are based solely on skills experience and qualifications relevant to the role.