Senior Analyst, Security GRC

** Your Moneris Career – The Opportunity
** Moneris is seeking a dedicated resource to manage the expanded scope of PCI requirements, evidence coordination, and remediation tracking. The Senior Analyst, Security GRC will primarily support the PCI program while also enabling timely delivery of parallel audits and assessments, reducing the risk of control failures, repeat findings, and regulatory exposure.
*
* Location:

** You will be based in our Toronto office, balancing in-office collaboration with remote flexibility.
** Reporting Relationship**:
You will report to the Senior Manager, GRC
** Posting Type:
** New Position
** Salary Range:
** The expected base salary range for this role is $ **$113,282 - $148,682
*** Total compensation may also include variable or discretionary incentive components, including but not limited to bonuses and commissions. Individual job offers are determined by various factors, including experience, education, skills, certifications, and other business needs.
* ** Your Moneris Career - What you'll do
*** Lead the development and maintenance of comprehensive security policies, standards, and frameworks that align with industry best practices (e.g., ISO 27001, NIST, PCI-DSS)
* Conduct complex risk assessments and threat modeling exercises, providing expert analysis and recommendations for risk mitigation
* Design and implement security awareness programs, including phishing simulations and targeted training initiatives to enhance Moneris' security culture
* Perform compliance monitoring and reporting processes, ensuring adherence to security policies and regulatory requirements across Moneris
* Manage the security risk register, prioritizing risk mitigation efforts and tracking the progress of treatment plans
* Develop and present advanced security metrics and reports to senior management, providing insights into Moneris' security posture and GRC program effectiveness
* Contribute to the development of the security GRC strategy, aligning initiatives with business objectives and emerging threats
* Conduct security incident investigations and root cause analysis, ensuring thorough documentation and effective corrective actions
* Mentor junior team members and provide technical guidance on GRC best practices and methodologies
* Collaborate with the incident response team to manage security incidents and breaches, ensuring proper documentation and lessons learned
* Evaluate and recommend GRC tools and technologies for implementation, considering Moneris’ needs and industry trends
* Conduct vendor security assessments and third-party risk management initiatives, developing and implementing robust evaluation processes
* Contribute to the preparation and delivery of presentations for the Security Governance Committee
* Assist in the development and tracking of key performance indicators (KPIs) for the security GRC function
* Participate in industry forums and conferences to stay abreast of emerging GRC trends and best practices
** Your Moneris Career - What you bring
*** Bachelor's degree in Computer Science, Information Security, Risk Management, or related field (Master's preferred)
* 7 years of experience in information security, risk management, or GRC
* In-depth knowledge of security frameworks and standards (e.g., NIST, ISO 27001, PCI-DSS)
* Proficiency in GRC tools and methodologies (e.g., RSA Archer, Metric Stream, Service Now GRC)
* Strong project management and leadership skills    Excellent analytical and problem-solving abilities
* Advanced communication and presentation skills, capable of engaging with senior stakeholders
* Experience in developing and delivering security awareness training programs
* Strong understanding of risk assessment methodologies and threat modeling techniques
* Knowledge of compliance requirements in the financial services or payment industry
* Ability to translate complex technical concepts into business terms for non-technical audiences
* Experience with data analysis and visualization tools (e.g., Power BI, Tableau)
* Relevant certifications (e.g., CISSP, CISM, CRISC) are preferred
** Your Moneris Career - What you get
*** At Moneris, we believe in empowering you to succeed—personally and professionally. As part of our team, you'll have access to resources, opportunities, and an inclusive environment that supports your development and career.
* Comprehensive Total Rewards Program, including performance-based bonuses, flexible benefits starting from day one, and your choice of a health spending account (HSA) or personal spending account (PSA)
* Retirement planning support, with profit-sharing programs including company match and a defined contribution pension plan
* Growth & development opportunities, including unlimited access to Coursera, mentorship programs, and an internal gig marketplace
* Holistic wellness support, with an Employee & Family Assistance Program, 24/7 virtual healthcare, and workplace wellness initiatives
* Flexibility that works for you, including hybrid work…