GRC Security Analyst

Posting End Date:

May 04, 2025

Employee Type:

Regular-Full time

Union/Non:

This is a non-union position

We are looking for GRC Security Analyst to join our diverse team. The primary focus of this role includes working with the vendor partners performing the TRA (Threat & Risk Assessment) for new technology coming into service and ensuring these are delivered with the right quality and in a timely manner. Read on!

We offer opportunities for growth, a competitive benefits and pension plan, and generous time off. Apply today, we'd love to hear from you! #joinourteam

Note: Internally this role is referred to as Analyst I TIS Security

What You Will Do:

Governance

• Coordinate the Cyber TRA work to ensure quality and value added outputs are delivered in a timely manner.

• Continuously see areas where TRA process improvements are required with the overall objective to improve the company's cyber security posture and drive customer satisfaction.

• Configure and maintain governance, risk and compliance capabilities within the team’s GRC application.

• Responsible for the collection of TRA metrics, providing data assurance and reporting related to the Cybersecurity Governance Program including the Cybersecurity Control Framework and CISO exception reporting.

• Responsible to update and track any required changes to policies and standards identified by external requirements.

• Be versed with cybersecurity frameworks & leading practices for technology assets. This includes but is not limited to NIST, ISO 27001, ISO 27002, SOX controls, SOC reporting, related industry regulations including latest cyber-attack vectors to keep the company assets/data/applications secure.

Risk

• Ensure the Enterprise Risk Management process is followed when identifying, risk ranking and tracking to closure for all Technology and Cyber related risks. Escalate to SME’s in respective areas for action and mitigation.

• Work closely with the Business Solutions team to ensure risks are appropriately ranked and reviewed before processing exceptions.

• Perform the regular tracking of TRAs and risks and ensure all items are managed efficiently with minimal overdue.

Compliance

• Support the Supervisor of Governance Risk and Compliance and on key compliance areas CISO engagement in the areas of Internal Audit, SOX and Policy Compliance.

• Be a key contributor for establishing common approaches for monitoring of compliance efforts, remediation of control gaps and continuous improvement for processes.

Relationship Management

• Engage with TIS control owners and subject matter expert to drive value and compliance within Enbridge and operate as point of contact and coordinate cybersecurity assurance activities and BU level TRA & risk management activities.

Who You Are:

• Related university degree such as Computer Sciences, Engineering, Audit, Business or related disciplines and limited previous experience OR a two- year technical diploma with some work experience in the field of information security, IT governance, compliance, cyber security, audit or risk management.

• Ability to manage concurrent initiatives and conflicting priorities.

• Highly disciplined and professional in regard to handling confidential information.

• Demonstrated understanding of various compliance and quality assurance roles.

• Ability to effectively interact with personnel involved in policy, technical, operational, and program management work.

• Excellent communication skills including technical and business writing, documentation and presentation skills.

Flex-Work:

Enbridge provides competitive workplace programs that differentiate us and offer flexibility to our team members. Enbridge’s FlexWork (Hybrid Work Model) offers eligible employees the opportunity to work variable daily schedules with a flexible start or end time, to opt for a compressed workweek schedule or the option to work from home on Wednesdays and Fridays. Role requirements determine your eligibility for each option. #LI-Hybrid

At Enbridge, we are dedicated to our core value of Inclusion. We are proud to be an Equal Opportunity Employer. We are committed to providing employment opportunities to all qualified individuals, without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous status, disability, or any other reason protected by federal, state, or local law. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting careers@enbridge.com.

Information For Applicants:

• Applications can be submitted via our online recruiting system only.

• We appreciate your interest in working with us; however, only those applicants selected for interviews will be contacted.

• Final candidates for this position may be required to undergo a security screening, including a criminal records check.

To learn more about us, visit www.enbridge.com