Security Governance, Risk Management and Compliance

**The Opportunity**: As our Governance, Risk Management, and Compliance (GRC) Analyst, you will report to Cyber GRC & IAM manager to help us build and grow our cyber practice from the ground up. This is a rare opportunity to join us on our journey on the forefront of cybersecurity, grow with us, and shape the future of Maple Leaf Foods.

This role requires a motivated self-starter. Someone who has strong analytical and problem-solving skills, a deep understanding of risk and compliance management principles, excellent communication and report-writing abilities, and foundational knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and compliance and believe in due diligence.

Maple Leaf Foods features a Flexible Hybrid working model working out of our Mississauga office.
**Snapshot of a Day-in-the-Life**:

- Work with MLF’s leaders (such as CIO, CISO, GRC Manager, Infrastructure Managers) and assist them in strengthening organization-wide Cybersecurity program
- Work with MLF’s stakeholders and implement Governance Risk and Compliance (GRC) related initiatives aligned with MLF’s vision and strategy
- Conduct risk assessments as per requirements within industry leading standards and frameworks (such as NIST CSF), identify gaps and assist in coordination of activities among other information security functions to resolve the gaps
- Be the primary point of contact for external assessments, audits and participate in interviews, walkthroughs and requirements gathering process
- Lead internal assessments (GRC) and audits, and conduct interviews, documentation review and controls assessment
- Assist in implementation of requirements defined within Cybersecurity related policies and procedures throughout the organization
- Collaborate with other information security functions (such as IAM, PAM, Resilience etc.) and collect Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), and periodically report it to GRC Manager
- Prepare information security reports for MLF’s senior leaders (such as CIO, CISO and the Cybersecurity Committee)
- Assist in Implementation of cyber security controls and manage Cyber Controls Framework (NIST CSF) on regular basis
- Assist in development of cyber security related training and awareness initiatives
- Keep track of risks within the organization, ensure risks are appropriately addressed by risk owners within the determined timeline
- Work with required teams to collect and prepare audit data for C3 audits.

**What You’ll Bring**: Skills:

- Understand Information Security Concepts (such as Risk Management, Governance, Data Protection, Incident Management etc.)
- Knowledge of information security standards and regulations such as NIST CSF, NIST SP Series (800-53, 800-82, 800-207), NIST RMF (Risk Management Framework), C3, and CIS Critical Security Controls framework
- Quick learner, strategic thinker, strong team player with ability to multitask
- Organize, prioritize, and track project activities on a day-to-day basis
- Identify and communicate project risks to managers and IT leads
- Analytical and problem-solving mindset
- Clear verbal/written communication
- Proficiency in Excel, PowerPoint

People
- Ability to work collaboratively with members across other functions (such as Infrastructure, Cloud, Data etc.) to solve problems
- Track risks assigned to members within other functions (such as Infrastructure, Cloud, Data etc.)

Experience and Education:

- A minimum of 7 years of security related experience within various information security functions (AD IAM, PAM, GRC, MITRE ATT&CK, Resilience etc.)
- A minimum of 2 years of experience in managing projects and teams
- Experience in Data Protection, Third-party Risk Management and Resilience (preferred)
- Hands-on Experience in PAM tools (such as Delinea) and IAM tools (preferred)
- Prior experience in working in Consumer or Food & Beverage Industry (preferred)
- Bachelor's degree in Information Technology, Engineering or Computer Science (preferred) Collaboratively with members across other functions (such as Infrastructure, Cloud, Data etc.) to solve problems
- Track risks assigned to members within other functions (such as Infrastructure, Cloud, Data etc.)

Certifications:

- Professional certifications in Information Security such as CISSP, CISM, CRISC, CC or equivalent (preferred)

**What We Offer at Maple Leaf Foods**:

- Being part of a high-performance, people-focused company that has an inspiring and unique vision to become the most sustainable protein company on earth, and a deep commitment to sustainable protein across North America.
- An inclusive company culture and a work environment that keeps our people safe, rewards excellence, and empowers everyone to learn and contribute their best.
- A hybrid work model that embraces remote work for eligible roles, helping team members achieve work-life balance—combining the best of both spending time worki