Advisor TIS GRC
Calgary, Canada
Posting End Date: February 17, 2025
Employee Type: Regular-Full time
Union/Non: This is a non-union position
With an in-depth knowledge of technology governance, risk and compliance, this position will support the Supervisor of TIS GRC, specifically in areas relating to governance, risk management and compliance activities. The primary focus of this role includes liaison and coordination of TIS risk and assurance engagements and monitoring the status of management action plans. It may also include reporting of audit compliance and risk management performance activities to various levels of management in TIS, and supporting risk assurance activities within GRC.
What you will do:
Governance:
Configure and maintain governance, risk and compliance capabilities within the team’s GRC application.
Responsible for the collection of metrics, providing data assurance and reporting related to the Cybersecurity Governance Program including the Cybersecurity Control Framework and CISO exception reporting
Ensure the existing technology policy/standards are in line with the industry frameworks & leading practices
Risk:
Ensure the Enterprise Risk Management process is followed when identifying, risk ranking and tracking to closure all Technology and Cyber related risks, escalating to SMEs in respective areas for action and mitigation.
Identify and manage areas of risk for deviation from existing policies/standards throughout their lifecycle
Work closely with the Security Advisory team to ensure risks are appropriately ranked and reviewed before processing exceptions.
Compliance:
Support the Supervisor of Governance, Risk and Compliance on key compliance areas and CISO engagement in the areas of Internal Audit, SOX and Policy Compliance
Manage internal audit coordination and ensure timely remediation of audit/assessment findings
Be a key contributor for establishing common approaches for monitoring of compliance efforts, remediation of control gaps and continuous improvement for processes.
Support other areas of regulatory compliance, including alignment to leading frameworks such as NIST.
Relationship Management:
Engage with TIS control owners and subject matter experts to drive value and compliance within Enbridge, operate as point of contact, and coordinate cybersecurity assurance activities and BU-level risk management activities.
Who you are:
University degree in Computer Sciences, Engineering, Audit, Assurance, Business or related disciplines
A minimum of 4 years of progressive hands-on experience in the field of information security, IT governance, compliance, cyber security, audit or risk management
Working knowledge of cyber security and risk management best practices
Demonstrated understanding of various compliance and quality assurance roles.
Working knowledge of cyber policies and procedures is an asset.
Working knowledge of cyber security standards, frameworks and regulations including but not limited to NIST, ISO 27001 and 27002, NERC and SOX is desired.
Possession or working toward achieving the following professional qualifications: CISSP, CRISC, CISA or related certifications.
Ability to effectively interact with personnel involved in policy, technical, operational, and program management work.
Enbridge Flex work program
Enbridge provides competitive workplace programs that differentiate us and offer flexibility to our team members. Enbridge’s Flex Work (Hybrid Work Model) offers eligible employees the opportunity to work variable daily schedules with a flexible start or end time, to opt for a compressed workweek schedule or the option to work from home on Wednesdays and Fridays. Role requirements determine your eligibility for each option.
Diversity and inclusion are important to us. Enbridge is an Equal Opportunity and Affirmative Action Employer. We are committed to providing employment opportunities to all qualified individuals, without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous/Native American status, or disability. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting careers@enbridge.com.
Information For Applicants:
- Applications can be submitted via our online recruiting system only.
- We appreciate your interest in working with us; however, only those applicants selected for interviews will be contacted.
- Final candidates for this position may be required to undergo a security screening, including a criminal records check.
To learn more about us, visit www.enbridge.com