Governance, Risk, and Compliance Lead

7 days ago


Toronto, Ontario, Canada Emburse Full time $120,000 - $180,000 per year
Who We Are:
At Emburse, you'll not just imagine the future – you'll build it. As a leader in travel and expense solutions, we are creating a future where technology drives business value and inspires extraordinary results. 
The security-focused Governance, Risk, and Compliance (GRC) Lead will lead efforts to strengthen our security and privacy posture and ensure adherence to critical regulatory and industry standards. This role will be responsible for building and managing a comprehensive security GRC framework that protects our organization from cyber risks, ensures compliance with security regulations, and enables business resilience. The ideal candidate has expertise in security governance, risk management, and compliance, with the ability to partner with both technical and business teams.
What you will do:
  • Establish and maintain security policies, standards, and controls aligned with industry frameworks (NIST, ISO 27001, PCI, SOC 2).
  • Develop a metrics and reporting framework to assess the effectiveness of the security framework.
  • Organize the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
  • Assist with compliance audits and projects (SOC 1, SOC 2, ISO 27001, ISO 27701, PCI-DSS, Tx-RAMP, and other projects).
  • Manage the privacy program to ensure that it complies with legal and regulatory requirements (GDPR, PIPEDA, CCPA, CPRA).
  • Execute Privacy Impact Assessments (PIAs).
  • Support the development and implementation of a continuous controls monitoring program for security compliance and automation of manual processes.
  • Monitor regulatory and industry trends to ensure required changes in compliance policies, procedures, and testing are integrated in a timely manner. 
  • Assist with enterprise-wide targeted training for employee compliance with regulatory requirements.
  • Coordinate security incident response and resiliency activities from a compliance and governance perspective, ensuring lessons learned feed back into governance processes.
  • Manage Third-Party Risk Management oversight for new and existing vendors.
What we are looking for:
  • Required: Bachelor's Degree; Minimum 5+ years of technology project/program management.
  • Ability to effectively work as part of a cohesive and agile team. 
  • Ability to manage security audits and frameworks (e.g., PCI, ISO, SOC 1, SOC 2, NIST).
  • Ability to manage privacy audits and frameworks (e.g., GDPR, CPRA, CCPA, PIPEDA).
  • Ability to remain organized and to elicit cooperation from a wide variety of sources, including team members, other internal departments, and external parties.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment and react to project adjustments and alterations promptly and efficiently.
  • Ability to exercise good judgment and discretion in confidential matters.
  • Demonstrable experience interacting with auditors and strategic partners in cloud-based environments similar to Emburse, relating to assurance frameworks such as SOX, PCI DSS, ISO 27001, SOC 2 Trust Principles, Business Continuity and Disaster Recovery, and Third-Party Risk Management.
  • Implemented or maintained Drata (or other GRC tools).
  • Preferred certifications: CISSP, CIPP/EU, CIPM, Security+, CISA, PMP
Required Skills:
  • Excellent analytical skills.
  • Self-starter with the ability to work with minimal supervision.
  • Experience working on large cross-functional teams, representing GRC on initiatives such as change management, identity and access management, policy management, and data retention.
  • Strong writing skills and the ability to communicate information about complex issues to stakeholders in a clear and easy to understand way.
  • Ability to develop creative and adaptive solutions to unique and complex inquiries.
  • Unfazed by a rapid-paced working environment and meeting deadlines.
  • Team-focused, positive attitude, and good sense of humor.
Why Emburse?
Finance is changing—and at Emburse, we're leading the way. Our AI-powered solutions help organizations eliminate inefficiencies, gain real-time visibility, and optimize spend—so they can focus on what's next, not what's slowing them down.
• A Company with Momentum – We serve 12M+ users across 120 countries, helping businesses modernize their finance operations.
• A Team That Innovates – Work alongside some of the brightest minds in finance, tech, and AI to solve real-world challenges.
• A Culture That Empowers – Competitive pay, flexible work, and an inclusive, collaborative environment that supports your success.
• A Career That Matters – Your work here drives efficiency, innovation, and smarter financial decision-making for businesses everywhere.
Shape your future & find what's next at Emburse. 
Emburse provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Emburse complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
