TIS GRC Analyst

Posting End Date:

April 23, 2024

Employee Type:

Regular-Full time

Union/Non:

This is a non-union position

With an in-depth knowledge of technology governance, risk and compliance, this position will support the Supervisor of TIS GRC.

The primary focus of this role includes liaison and coordination of TIS risk and assurance engagements, monitoring status of risk remediation plans to ensure timely closure with appropriate quality of remediation in alignment to departmental policies/standards, may include reporting of risk management performance activities to various levels of management in TIS, and support other risk assurance activities within GRC as needed.

What you will do:

Risk Management:

• The primary focus will be to ensure the Enterprise Risk Management process is followed when identifying, risk ranking and tracking to closure for all technology and cyber related risks.  Escalating to SMEs in respective areas for action and mitigation, when required

• Work towards ensuring the BU technology and security posture is continuously improving and trending in the right direction.

• Presenting GRC metrics to Cybersecurity and Business Unit Leadership to ensure they are aware of their risks and obligations.

Governance:

• Responsible for the collection and reporting of risk metrics, providing support to internal assurance activities as and when required. 

• Provide control gap analysis with recommendations for improvement.

• Acting as a GRC participant in the development and review of cybersecurity policies and standards as and when required.

Compliance:

• Support the Supervisor of Governance Risk and Compliance and on key compliance areas CISO engagement in the areas of risk management (all technology related risks including cybersecurity) in general including Internal Audit, SOX and Standard/Policy Compliance as required.

• Be a contributor for establishing common approaches for monitoring of compliance efforts, remediation of control gaps and continuous improvement for processes.

Relationship Management

• Engage with TIS control/system/risk owners and subject matter experts to drive value and compliance within Enbridge and operate as point of contact for the respective BU level risk management activities.

What you will do:

Required: 

• University degree in Computer Sciences, Engineering, Audit, Business, or related disciplines

• A minimum of 2+ years of progressive hands-on experience in the field of information security, IT governance, compliance, cyber security, audit, or risk management

• Working knowledge of cyber security and risk management best practice

• Ability to manage concurrent initiatives and conflicting priorities.

• Highly disciplined and professional regarding handling confidential information.

• Demonstrated understanding of various compliance and quality assurance roles.

• Ability to effectively interact with personnel involved in policy, technical, operational, and program management work.

• Excellent communication skills including technical and business writing, documentation and presentation skills.

Preferred:

• Working knowledge of cyber security standards, frameworks and regulations including but not limited to NIST, ISO 27001 and 27002, NERC and SOX is desired.

• Possession or working towards achieving the following professional qualifications: CISSP, CRISC, CISA or related cyber certifications.

Flex-Work

Enbridge provides competitive workplace programs that differentiate us and offer flexibility to our team members. Enbridge’s Flex-Work (Hybrid Work Model) offers eligible employees the opportunity to work variable daily schedules with a flexible start and end time, to opt for a compressed workweek schedule, and the option to work from home on Wednesdays and Fridays. Role requirements determine your eligibility for each option or combination of options. #LI-Hybrid

Diversity and inclusion are important to us. Enbridge is an Equal Opportunity and Affirmative Action Employer. We are committed to providing employment opportunities to all qualified individuals, without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous/Native American status, or disability. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting careers@enbridge.com.

Information For Applicants:

• Applications can be submitted via our online recruiting system only.
• We appreciate your interest in working with us; however, only those applicants selected for interviews will be contacted.
• Final candidates for this position may be required to undergo a security screening, including a criminal records check.

To learn more about us, visit www.enbridge.com