IT Governance, Risk

IT Governance, Risk & Compliance Specialist Join Enbridge’s team as an IT Governance, Risk & Compliance Specialist, dedicated to safeguarding data, ensuring regulatory compliance, and fostering a secure environment for innovation. Posting Details Posting End Date: December 21, 2025 Employee Type: Regular - Full time Union/Non‑union: This is a non‑union position What You Will Do Compliance Assurance, Monitoring, and Reporting Manage and coordinate compliance assurance activities, including NIST Cybersecurity Framework (CSF) maturity assessments, regulatory assessments such as Sarbanes‑Oxley (SOx) and Transportation Security Administration Security Directives (TSA SD), and internal audit engagements. Collect and validate compliance evidence for audits and assessments. Provide timely support to stakeholders and subject matter experts in developing responses, remediation plans, and actionable strategies. Perform risk‑based compliance checks and controls testing to validate effectiveness. Maintain accurate compliance performance through dashboards and management reporting. Ensure timely closure of audit findings and maintain audit logs. Risk Management Support Identify and report emerging risks driven by technological and regulatory changes. Contribute to risk assessments and support tracking, monitoring, and documentation of risks. Governance – Policy and Standard Support Assist in reviewing and updating cybersecurity policies, standards, and procedures. Support governance activities ensuring documentation aligns with organizational objectives and regulatory obligations. Relationship Management Engage with internal stakeholders on compliance‑related controls and risks. Maintain strong relationships with third‑party assessors and internal audit teams to ensure seamless audit execution. Continuous Improvement Identify opportunities to streamline compliance processes through automation and AI. Conduct post‑implementation review sessions and integrate improvements into frameworks and processes. Who You Are University degree in computer sciences, engineering, audit, business, or related disciplines. Minimum 6 years of progressive direct experience in information security, IT governance, compliance, cybersecurity, audit, or risk management. Working knowledge of cybersecurity and risk management best practice, specifically NIST frameworks. Ability to manage concurrent initiatives and conflicting priorities. Highly disciplined and professional regarding handling confidential information. Demonstrated understanding of various compliance and quality assurance roles. Ability to effectively interact with personnel involved in policy, technical, operational, and program management work. Excellent communication skills both written and verbal. Preferred Demonstrated understanding of various audit and quality assurance roles. Familiarity with SOx IT controls and regulatory requirements in the US and Canada (TSA Security Directives, CFR, and CER). Ability to collaborate with personnel at all levels involved in policy, technical, operational, and program management activities. Physical Requirements Grasping, kneeling, light‑to‑moderate lifting (up to 20 pounds), reaching above shoulder, repetitive motion, typing, sitting, standing, visual and hearing requirements, and ability to sit at a computer for long periods. Mental Requirements Understand, remember, and apply oral and/or written instructions; understand complex problems; organize thoughts and ideas; prioritize work; make decisions with moderate impact; follow basic instructions and guidelines; complete routine forms; compose letters, outlines, memoranda and basic reports; communicate via telephone. Flex‑Work Enbridge’s FlexWork (Hybrid Work Model) offers eligible employees variable daily schedules with flexible start or end times, compressed workweek options, or work‑from‑home on Wednesdays and Fridays, subject to role requirements. Equal Opportunity Statement Enbridge is a dedicated Equal Opportunity Employer. We provide employment opportunities to all qualified individuals, without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous status, disability, or any other protected characteristic. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting Information For Applicants Applications can be submitted via our online recruiting system only. Only applicants selected for interviews will be contacted. Final candidates may be required to undergo a security screening, including a criminal records check. To learn more about us, visit . #J-18808-Ljbffr