Governance, Risk & Compliance Manager
Hybrid · Vancouver, British Columbia, Canada
Job Summary
Governance, Risk & Compliance Manager responsible for establishing, maintaining, and improving EarthDaily’s GRC program in a Vancouver-based, hybrid IT environment. Own policy lifecycle management, risk documentation, audit readiness, and collection of evidence for IT general controls and related IT compliance obligations, including SOX/ICFR, SOC 2, and cybersecurity governance. Collaborate across IT, Finance/Internal Controls, Legal, HR, and Engineering to advance governance practices, coordinate tabletop exercises, coordinate with external auditors, and drive cross-functional initiatives. Lead enterprise risk assessments, risk acceptance escalations, and development of procedures and templates; ensure documentation and controls align with regulatory and internal requirements. Strong focus on third-party risk, privacy considerations (GDPR/CCPA), and producing audit-ready evidence packages, with a heavy emphasis on communication to senior leadership and cross-functional teams.
Required Qualifications
- Bachelor’s degree in Information Security, Computer Science, Business Administration, Accounting, or related field; relevant professional experience and certifications may substitute for formal education
- 5+ years of experience in IT security, risk management, compliance, or audit roles
- 3+ years of direct experience with GRC programs, policy management, or audit preparation
- Relevant professional certifications such as CISA, CRISC, CISSP, CISM, or CGRC are preferred; familiarity with SOX/ICFR is an asset