Dig Insights is a tech-enabled research company that helps our clients - global consumer brands - move beyond consumer-centric to decision-centric. Our clients can then go-to-market with innovations that shift consumer decisions in their favor.

Our work is supported by the technologies that we leverage and create. This includes Upsiide, our proprietary innovation insights platform. Upsiide is a SaaS platform that reinvents how enterprise companies screen, optimize, and build a business case for innovation.

Our clients span verticals including CPG, QSR, retail, technology, financial services, and telecommunications. Our work is led by a team of over 250 strategists, insights leaders and data scientists. We work for a global client base out of offices in Toronto, Chicago, and London.

Our success is due to our strong commitment to our clients, and the creativity and dedication of our entire team. Since the beginning, we have been focused on building the smartest consumer insights company and that means hiring people who are bright, creative, resourceful, and kind. People who succeed at Dig are curious, question established norms and are passionate about helping our clients to move their businesses forward. If you want to join a team that takes themselves just seriously enough to produce great work, we’d love to welcome you.

As we continue to grow, both geographically and in our expertise we are looking for people who want to join a high-growth and highly collaborative company.

Analyst, Digital Trust – About this role

At Dig Insights, the Analyst, Digital Trust supports the organization in maintaining compliance with relevant frameworks, standards, and regulations while also identifying, tracking, and reporting on risks that could undermine our digital trust. They will work closely with system stakeholders to support Dig Insights’ continuous improvement of the organization’s management system. They work under the guidance of the Trust Manager, but are often the “hands-on executors” of evidence gathering and risk assessments.

Your primary responsibilities will include, but are not limited to:

Compliance & Audit

• Assist with the administration and tracking of the organization’s security and compliance controls. (e.g., ISO 20252, ISO 27001, GDPR, and SOC 2).
• Collect, validate, and maintain compliance evidence for audit, assessments, and regulatory reviews.
• Conduct internal compliance checks to ensure policies and procedures are followed.
• Help maintain the organization’s compliance records and trust-related policies, procedures, standards, and control documentation.
• Support third-party risk assessments by reviewing questionnaires and compliance certifications.

Risk Management

• Assist in maintaining the enterprise risk register with up-to-date risk entries.
• Conduct initial and ongoing risk assessments for projects, vendors, and systems.
• Help score risks (likelihood/impact) and propose preliminary mitigation strategies.
• Monitor key risk indicators (KRIs) and prepare reports for leadership.
• Track remediation actions and escalate overdue risks.

Cross-Functional Support

• Partner with internal stakeholders to gather data for risk/compliance functions.
• Support incident post-mortems by documenting findings and lessons learned.
• Contribute to training sessions and initiatives by preparing awareness materials on compliance and risk topics.
• Assist in preparing reports and metrics for management and stakeholders.
• Stay current with regulatory, compliance, and industry standards related to digital trust.

Experience, Skills and Requirements:

• 1-3 years experience in security, audit, risk or compliance.
• Foundational knowledge of audit/compliance frameworks: ISO 27001, SOC 2, NIST CSF, GDPR, and global privacy regulation.
• Risk analysis basics (risk matrix, heatmaps, qualitative and quantitative scoring).
• Attention to detail in evidence gathering and documentation.
• Analytical thinking to spot gaps and inconsistencies.
• Communication skills to explain findings to non-technical audiences.
• Eagerness to grown and learn within the digital trust domain.

Nice to have certifications:

• ISO 27001 Foundation / Implementer
• CISA (audit focus) or CRISC (risk focus)

Work Perks:

• Hybrid working policy which gives the flexibility to employees to work remotely or in one of our office locations
• Unlimited vacation policy
• Reimbursement for health and wellness classes/memberships, and continuous learning
• Medical Insurance
• In-person and virtual social events such as poker night, paint night, trivia night and more!

To find out more about us visit us at www.diginsights.com & www.upsiide.com

Our culture is built on 5 core values: Energy, Excellence, Evolution, Equality and Empathy. We believe that our success is dependent on the diverse talents, skills, and ideas of its staff. We are committed to creating an inclusive work environment and encourage applications from all qualified candidates including those in the BIPOC and LGBTQ communities, and from people with disabilities.

We thank you for your interest in Dig Insights, however, only candidates who are chosen for an interview will be contacted.