At Equitable, we believe work should be a place where you feel supported, inspired, and empowered to grow. In our caring and collaborative environment, your curiosity is encouraged, your passion is recognized, and your contributions truly matter. Together, we create meaningful impact—for our clients, our communities, and each other.

Position Title: IT Governance, Risk and Compliance Analyst

Reports To: Senior Technology Manager, IT Governance, Risk and Compliance

Department: IT - Technology Risk and Governance

Term: Permanent Full-Time

Work Arrangements: This is a hybrid role. You will work in our office in Waterloo, ON a minimum of two (2) assigned, consecutive days every other week, plus a fifth (5th) assigned day per month. You are welcome to work from the office more than the minimum requirement and there may be some roles that are required to work in our office more than the minimum requirement.

The Opportunity: At Equitable, our focus is on making a meaningful impact in the lives of Canadians by putting clients at the heart of everything we do. We lead with empathy, act with intention, stay curious, and support one another every step of the way. If you're looking for purpose-driven work in a collaborative and inclusive environment where your voice is heard, and your growth is encouraged we’d love to connect. As we continue to evolve our cybersecurity posture, we are seeking an IT Governance, Risk and Compliance (GRC) Security Analyst to join our team and help drive our risk and compliance initiatives forward. You will report to the Senior Manager of IT Security for Governance, Risk and Compliance and work closely with various stakeholders across the organization. You will also have strong communication and collaboration skills, as well as the ability to recommend risk treatment or mitigation strategies that align with the tactical and strategic priorities of the company. This role is ideal for a security generalist with experience across all aspect of GRC, an understanding of technology, and a passion to work collaboratively with teams to support security across the organization. You will help ensure the security and integrity of the IT systems and processes of Equitable. You will apply your subject matter expertise on IT risk management and compliance to develop and implement policies and standards, oversee and maintain control assurance activities, evaluate and improve IT controls, execute security and risk assessments, provide insights and guidance to IT and business stakeholders, assess compliance with laws, regulations, directives, and contracts, support the governance, risk and compliance platform/solution, and support the vendor risk management program. If you are looking for a challenging and rewarding role in a dynamic and innovative organization, this is the opportunity for you. Join one of the Waterloo Area’s Top Employers for 2025 and Southwestern Ontario’s Top Employers for 2024 and be part of something that matters.

What you will be doing:

• Support the development, implementation, and maintenance of the organization’s GRC framework, policies, and procedures.
• Champion security risk management across the organization.
• Conduct risk assessments and control evaluations across business units and IT systems. Conduct vendor risk assessments and control evaluations within the context of data security. Supporting both project and operational initiatives.
• Document and track risks. Collaborate with stakeholders to ensure risk mitigation strategies are effectively implemented.
• Monitor compliance with internal policies and external regulatory requirements (e.g., OSFI).
• Assist in the preparation and execution of audits. Track and report on remediation efforts for identified control and security gaps.
• Maintain and enhance GRC tools and platforms
• Stay current on emerging threats, regulatory changes, and industry best practices.
• Support and champion security awareness across the organization.

What you will bring:

• A Bachelor’s degree or equivalent experience/education in a related field
• 5+ years of experience in IT governance, compliance, assurance, or audit roles
• GRC Expertise in financial services, healthcare, or other highly regulated industries
• Preferred to have a CISA or CISSP

What’s in it for you:

• A workplace where care, passion, and curiosity aren’t just values, they’re how we work, grow, and succeed together every day.
• A healthy work-life balance with employee wellness top of mind
• Annual bonus program, annual vacation allowance, and company-paid benefits program
• Generous vacation package with one volunteer day to give back to a charity of your choice
• Immediate enrollment in the company’s pension program with employer matching
• Employee resource groups that support an inclusive work environment
• Tuition support and specialized program assistance
• An onsite full-service cafeteria with a variety of daily options
• Discounts on company products and services, and access to exclusive employee perks
• Regular EQ Together events focused on company togetherness and collaboration

As part of the recruitment/offer process you will be required to:

• Provide two professional references (minimum one supervisor and above)
• Undergo a criminal background check

This position is available due to an existing vacancy.

We are dedicated to inclusive and accessible hiring practices. If you require accommodations or alternative formats, please contact us at careers@equitable.ca.

#LI-Hybrid