GRC Analyst

Position Summary

The GRC Analyst is responsible for implementing and maintaining the Company's governance, risk, and compliance (GRC) program, with a focus on global data privacy regulations and information security frameworks. This role ensures organisation compliance with GDPR, CCPA, PIPL, PIPEDA, and other relevant privacy regulations, while managing compliance activities through Microsoft Purview and related tools. The GRC Analyst will conduct risk assessments, manage compliance documentation, and collaborate with business units to embed privacy and security practices across the organization. May assist with IT due diligence efforts in M&A activities relative to compliance, regulatory requirements, and development of risk mitigation plans.

Key Responsibilities

• Works as the primary subject matter expert on Microsoft Purview within the company, including data classification, retention po...