Director, Governance, Risk, and Compliance (GRC)
Company | Benevity |
---|---|
Location | Calgary, AB, Canada |
Salary | Not Provided |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Senior, Expert or higher |
Requirements
- 8+ years of experience in governance, risk management, compliance, or related domains, preferably in a SaaS or fintech environment
- Deep understanding of regulatory frameworks and standards (e.g., SOC 2, ISO 27001, GDPR, CCPA, AML, sanctions, SOX)
- Experience engaging directly with clients, regulators, or auditors to convey security practices and manage trust-based relationships
- Proven ability to manage complex audits and assessments and implement remediation plans effectively
- Experience designing and implementing enterprise risk and/or privacy programs
- Strong cross-functional leadership skills with a collaborative and pragmatic approach
- Familiarity with charitable disbursement regulations and financial compliance requirements is a strong asset
- Bachelor’s degree in a relevant field (e.g., Business, Law, Information Security)
Responsibilities
- Develop and maintain security, privacy, and compliance policies aligned with industry standards and evolving regulations
- Oversee internal controls supporting security, data protection, and financial integrity, and lead audits, self-assessments, and readiness for certifications (e.g., SOC 2, ISO 27001)
- Design and lead an enterprise risk management framework, working with senior leaders to embed risk mitigation into operations and planning, and provide regular insights to leadership
- Ensure global privacy compliance (e.g., GDPR, CCPA) in partnership with Legal and Product, while managing DPIAs, DSARs, and promoting a privacy-by-design culture
- Oversee compliance with financial reporting standards, charitable disbursement regulations, AML, and sanctions screening, ensuring readiness for regulatory changes
- Build client trust by demonstrating Benevity’s security and compliance maturity; engage with clients and partners to provide transparency and respond to due diligence requests
- Support contract reviews to ensure alignment between client requirements and Benevity’s security and privacy controls
- Implement scalable GRC tools to automate policy, risk, audit, and reporting processes as the company expands
- Lead a collaborative, inclusive GRC team, serving as a trusted partner across the business and driving company-wide awareness and accountability in compliance and risk management
Preferred Qualifications
- Certifications such as CISA, CIPP, or CRISC are preferred