Jr. Governance, Risk & Compliance (GRC) Analyst

Governance, Risk & Compliance (GRC) Analyst Onsite (Regina, SK) We are hiring a Junior-Intermediate Governance, Risk & Compliance (GRC) Analyst to support an established enterprise security program in a regulated environment.

• This position is 100% onsite in Regina, Saskatchewan.
• Applicants must already be located in Regina or the surrounding area and available to work onsite Monday-Friday.
• Remote, hybrid, or relocation candidates will not be considered.

The Role This role supports core cybersecurity governance, risk, and compliance functions, working closely with security and audit stakeholders. The successful candidate will be hands‑on in policy development, risk assessment, audit support, and business continuity activities, operating within clearly defined governance frameworks. This is a delivery‑focused role suited to someone who already has practical GRC experience and is comfortable working in structured, compliance‑driven environments. What You’ll Be Doing

• Supporting governance, risk, and compliance activities across cybersecurity programs
• Drafting, updating, and maintaining security policies, standards, and procedures
• Performing and documenting security risk assessments and tracking risk treatments
• Supporting internal and external audits, including preparation of audit evidence
• Conducting security compliance reviews and following through on findings
• Supporting business continuity and disaster recovery planning activities
• Assisting with third‑party security risk assessments
• Contributing to cybersecurity awareness and training initiatives
• Maintaining clear, audit‑ready documentation and registers

What You Must Bring To be considered, applicants must meet all of the following:

• A minimum of 3 years of hands‑on experience working in cybersecurity governance, risk, and compliance
• At least 3 years of direct involvement in business continuity and disaster recovery planning
• Proven experience creating and maintaining security policies, standards, and procedures within an enterprise environment
• Demonstrated experience supporting audits and regulatory compliance activities, including evidence collection
• Experience contributing to or running cybersecurity awareness or training programs
• At least one recognized security certification, such as CISSP, CISM, CISA, ABCP, MBCP, or equivalent
• Ability to work full‑time onsite in Regina, Saskatchewan, during standard business hours

Unfortunately applicants who do not clearly meet these requirements cannot be considered. This role cannot be performed remotely and does not support relocation. Please apply only if you are currently local to Regina and able to work onsite. Please note: This is a consulting/contract opportunity with our client, not a full-time employment vacancy within ISM/Kyndryl.