Governance Risk and Compliance Analyst

Date: Jul 24, 2022

Location: Thornhill, ON, CA, L3T 0A1

Company: CAA Club Group

About Us

Our Information Security Department is seeking a Governance Risk and Compliance Analyst.

Who we are

As Canada's largest automobile association, we are passionate about keeping our Members safe, whether they are on the road, at home, or travelling abroad. Meeting the diverse needs of our two million Members requires high-performing, forward-thinking, and innovative people who work collaboratively to keep propelling our business forward. Life at CAA Club Group is fast-paced, performance-driven and rewarding. We value our Associates' career growth and ongoing professional development, and we regularly recognize their achievements and outstanding results. CAA Club Group (CCG) is known for providing stellar emergency roadside assistance to our motoring Members and non-Members. We work hard and play hard. We're about doing what's right and feeling good about it.

Position Details


  • Coordinate third-party risk management with auditors and regulators
  • Align the CCG Security Program with the National Institute of Standards and Technology (NIST) Cybersecurity Framework by conducting an auditor-driven assessment on an annual basis
  • Coordinate all efforts and evidence collection relating to PCI-DSS compliance
  • Coordinate all efforts and evidence collection relating to IT General Controls audit
  • Coordinate all efforts and evidence collection relating to OSFI audits
  • Measure and report on IT GRC metrics on a monthly basis to the Information Security Lead and Senior Management
  • Coach Brokers on security specific tasks and risks
  • Mentor and develop skillset and knowledge in the subject area
  • Ensure the team identifies the link between daily activities and corporate goals and initiatives
  • Identify brokerage requirements for additional training and courses
  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
  • Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
  • Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
  • Provide technical support to clients, management, security operations and network operations.
  • Provide implementation support for risk assessment and data security procedures and products
  • Prepare material for quarterly Risk Advisory Committee and Enterprise Risk Management Committees


  • Bachelor's or equivalent degree in Information Security or Information Technology
  • Industry accreditation; CISSP, CISA, CISM would be an asset
  • Minimum 5-7 years of experience
  • Strong knowledge and previous experience with Governance, Risk and Compliance frameworks
  • Strategic, critical thinking, analytical and problem-solving skills 
  • Exceptional interpersonal and communication skills

Our Commitment

We are an equal opportunity employer and are committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act, 2005 (AODA). CAA CCG will provide accommodations to job applicants with disabilities throughout the recruitment process. If you require an accommodation, please notify us and we will work with you to meet your needs.