- Company: Benevity
- Location: Canada
Benevity at a glance
benevity.com- Founded 2008
SEC filings mentioning "Benevity": 10 — search EDGAR
Registered as a global legal entity (LEI 549300GJFCWU0X1GQR59, CA) — via GLEIF
Benevity is a Calgary-founded (2008) software company that runs charitable donation, volunteering, and grant platforms for enterprises. Customers have included Nike, Coca-Cola, Microsoft, Google, and Apple, with roughly 250 Fortune 1000 clients as of 2017. See Wikipedia.
925 Wikipedia views in June 2026 — a rough gauge of public visibility.
Benevity is hiring a Senior GRC Analyst in Canada to strengthen how we govern security, risk, privacy, and regulatory compliance across a fast-moving SaaS environment. This full-time role puts you at the center of building trust with the clients, partners, and stakeholders who rely on Benevity every day.
About the Role
As Benevity's Senior Governance, Risk & Compliance (GRC) Analyst, you will own the day-to-day execution and ongoing maturation of our GRC program. You'll lead compliance and audit activities, run risk assessments, support third-party risk management, answer client due diligence requests, and help meet FINTRAC/AML obligations. Acting as a cross-team advisor, you'll shape policies and controls, keep Benevity aligned with leading frameworks and privacy laws, and champion a culture rooted in security and accountability.
Key Responsibilities
- Help build and maintain security and privacy policies and control frameworks mapped to ISO 27001, SOC 2, NIST, PCI DSS, GDPR, PIPEDA, FINTRAC, and other global regulations.
- Manage policy approvals, exceptions, and attestations while pursuing automation and process improvements.
- Plan and carry out enterprise risk assessments, maintain the risk register, and drive remediation and treatment planning.
- Advance the Third-Party Risk Management (TPRM) program through vendor onboarding reviews and ongoing monitoring.
- Lead audit readiness for ISO 27001, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC, and beyond, coordinating evidence and auditor engagement.
- Respond to customer security questionnaires, RFPs, and TPRM requests in partnership with sales and client success teams.
- Support cross-jurisdictional privacy work (GDPR, PIPEDA, CCPA/CPRA) and FINTRAC AML/ATF reporting, monitoring regulatory change.
- Deliver dashboards and executive reporting, run the Security Awareness & Training program, and mentor junior team members.
Qualifications
- 5+ years across cybersecurity, governance, risk, compliance, or privacy, ideally in SaaS or high-growth settings.
- Solid command of ISO 27001, NIST, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC, and CCPA/CPRA.
- Hands-on use of GRC tooling such as OneTrust, Hyperproof, SecurityPal, AuditBoard, or Drata.
- A track record running risk assessments, TPRM, risk registers, and client due diligence (questionnaires, RFPs).
- Clear communication with technical and non-technical audiences, plus strong project management skills.
- Interest in applying automation and AI to GRC; CISM, CRISC, CISSP, CISA, or CIPM/CIPP certifications are a plus.
About Benevity
Benevity gives companies and their people technology to take meaningful social action through giving, volunteering, grantmaking, employee resource groups, and micro-actions. As one of Canada's first B Corporations, we serve most of the Fortune 100 and work across Canada, Spain, Switzerland, the UK, the US, and more.
How to Apply
To apply, complete your application directly on this page, or you'll be redirected to the employer's application platform to finish submitting there.
Apply now
Takes about a minute — like Indeed Apply. The employer sees you in their Candidates list.
To apply for this job please visit jobs.ashbyhq.com.
Explore Benevity online
What people say about Benevity
Public coverage centers on product and CSR themes rather than employee reviews. Recent items include Forbes on rethinking corporate volunteering, CSRwire on top causes companies support via Benevity, and a Do No Harm call for Benevity to drop SPLC’s “hate list.” HN links in the feed are mostly unrelated tech threads, not workplace ratings.
- A Vulnerability in Libsodium
- GoFundMe created 1.4M donation pages for nonprofits; organizations had no clue
- Danish supermarket chain is setting up "Emergency Stores"
- Apple allows some iOS apps to track user locations via lists of nearby SSIDs
Recent news
- Benevity - Via Ritzau
- Why Benevity Believes Corporate Volunteering Needs Re-Imagining - Forbes
- Benevity Releases List of Top Charitable Causes Supported by Companies and Their People in 2025 - CSRwire
- Do No Harm Urges Benevity to Ditch SPLC’s Discredited ‘Hate List’ - Do No Harm
- Social impact software firm Benevity issues US$90M in equity after leadership turnover - The Logic
Aggregated from public discussions and news; opinions are the authors’ own.
Working in Canada
Listing location is Canada (not a specific city). Work would sit within Canadian employment norms and time zones spanning Atlantic to Pacific; Calgary roots may matter for HQ culture, but this post does not confirm office city or hybrid pattern.
🇨🇦 Relocation safety for Canada: Very Safe — via Warnely, CC BY 4.0
National unemployment rate in Canada: 6.9% — via World Bank
GDP per capita in Canada: $55,698 — via World Bank
Consumer price inflation in Canada: 2.1% (annual) — via World Bank
Real GDP growth in Canada: 1.7% (annual) — via World Bank
Average hours worked per year in Canada: 1,687 — via OECD
About this role & career path
Senior GRC roles usually bridge security, compliance, and business risk. At a CSR-tech vendor, depth in SaaS control frameworks and customer/audit expectations can lead toward GRC lead, risk manager, or compliance program ownership.
Build the skills for this role
Prioritize risk frameworks (e.g., ISO 27001, SOC 2-style control thinking), policy writing, control testing, and clear stakeholder communication. No certified training catalog was supplied for this listing.
Be ready to walk through a control failure you investigated, how you evidence continuous compliance for SaaS, and how you’d prioritize risks for a donation/volunteer platform serving Fortune-scale customers. Know Benevity’s product surface at a high level.
Strong fit if you already own GRC work end-to-end and care about trust in social-impact software. Thin location detail and no pay data mean you should clarify Canada work arrangement, team scope, and frameworks in use early.
Job details above are provided by the employer/source. The sections on this page are compiled from public data sources with AI assistance.
Accommodations: if you need a workplace accommodation to apply for or perform this job, see ADA.gov or EEOC.gov for guidance on your rights and how to request one.
Listing facts
- Role Senior GRC Analyst
- Employer Benevity
- Location Canada
- Type Full Time
- Posted June 21, 2026
- Apply by 2026-07-21
- Country context Canada
- Overview Full original description on this page (421 words; rewritten for clarity, not a teaser paste)
Facts above come from this job record on Get A Job.AI — not copied from third-party review sites.
Public discussions & open sources
Attributed public threads and profiles — not employee reviews or star ratings.
- Hacker News — A Vulnerability in Libsodium
- Hacker News — GoFundMe created 1.4M donation pages for nonprofits; organizations had no clue
- Hacker News — Danish supermarket chain is setting up "Emergency Stores"
- Hacker News — Apple allows some iOS apps to track user locations via lists of nearby SSIDs
Cached public sources (Hacker News, Dev.to, GitHub, etc.).
Employer website
Explore related openings
6 other opening(s) at Benevity on Get A Job.AI
- Senior Analyst, Global Money Movement
- Events & Experiences Manager
- Specialist, Events & Communications – 12 Month Term
- Leadership Development Facilitator
- Architect
- Paid Media Manager
Occupation family: Senior GRC Analyst
Research this employer
Pull public facts we already cached for this company (Wikipedia, news, discussions). We never invent Glassdoor-style ratings.
Open interview kit (print-friendly)
Get email alerts for similar jobs
Keep exploring on Get A Job.ai
Not quite the right fit? Your next opportunity is a click away.
- Browse all jobs
- More jobs by category
- Remote jobs you can do from anywhere
- Research typical pay for this role
- Set a job alert so new matches reach you first
- Upload your resume to apply faster
- Register now to access our free AI resume builder
Hiring instead? Post a job and reach candidates searching right now.
