Loading...

Free AI Resume Builder — land more interviews with a polished resume in minutes.

Try it free

Senior GRC Analyst

Similar live opening The link you followed was closed or not ready — this is a matching published job.
  • Company: Benevity
  • Location: Canada
Apply
  • Full Time
  • Canada
  • Apply on company site
  • QR code — scan to open this job listing on your phone
  • Map

Benevity at a glance

benevity.com
  • Founded 2008

SEC filings mentioning "Benevity": 10search EDGAR

Registered as a global legal entity (LEI 549300GJFCWU0X1GQR59, CA) — via GLEIF

Benevity is a Calgary-founded (2008) software company that runs charitable donation, volunteering, and grant platforms for enterprises. Customers have included Nike, Coca-Cola, Microsoft, Google, and Apple, with roughly 250 Fortune 1000 clients as of 2017. See Wikipedia.

925 Wikipedia views in June 2026 — a rough gauge of public visibility.

Source: Wikipedia · LinkedIn · X

Benevity is hiring a Senior GRC Analyst in Canada to strengthen how we govern security, risk, privacy, and regulatory compliance across a fast-moving SaaS environment. This full-time role puts you at the center of building trust with the clients, partners, and stakeholders who rely on Benevity every day.

About the Role

As Benevity's Senior Governance, Risk & Compliance (GRC) Analyst, you will own the day-to-day execution and ongoing maturation of our GRC program. You'll lead compliance and audit activities, run risk assessments, support third-party risk management, answer client due diligence requests, and help meet FINTRAC/AML obligations. Acting as a cross-team advisor, you'll shape policies and controls, keep Benevity aligned with leading frameworks and privacy laws, and champion a culture rooted in security and accountability.

Key Responsibilities

  • Help build and maintain security and privacy policies and control frameworks mapped to ISO 27001, SOC 2, NIST, PCI DSS, GDPR, PIPEDA, FINTRAC, and other global regulations.
  • Manage policy approvals, exceptions, and attestations while pursuing automation and process improvements.
  • Plan and carry out enterprise risk assessments, maintain the risk register, and drive remediation and treatment planning.
  • Advance the Third-Party Risk Management (TPRM) program through vendor onboarding reviews and ongoing monitoring.
  • Lead audit readiness for ISO 27001, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC, and beyond, coordinating evidence and auditor engagement.
  • Respond to customer security questionnaires, RFPs, and TPRM requests in partnership with sales and client success teams.
  • Support cross-jurisdictional privacy work (GDPR, PIPEDA, CCPA/CPRA) and FINTRAC AML/ATF reporting, monitoring regulatory change.
  • Deliver dashboards and executive reporting, run the Security Awareness & Training program, and mentor junior team members.

Qualifications

  • 5+ years across cybersecurity, governance, risk, compliance, or privacy, ideally in SaaS or high-growth settings.
  • Solid command of ISO 27001, NIST, SOC 2, PCI DSS, GDPR, PIPEDA, FINTRAC, and CCPA/CPRA.
  • Hands-on use of GRC tooling such as OneTrust, Hyperproof, SecurityPal, AuditBoard, or Drata.
  • A track record running risk assessments, TPRM, risk registers, and client due diligence (questionnaires, RFPs).
  • Clear communication with technical and non-technical audiences, plus strong project management skills.
  • Interest in applying automation and AI to GRC; CISM, CRISC, CISSP, CISA, or CIPM/CIPP certifications are a plus.

About Benevity

Benevity gives companies and their people technology to take meaningful social action through giving, volunteering, grantmaking, employee resource groups, and micro-actions. As one of Canada's first B Corporations, we serve most of the Fortune 100 and work across Canada, Spain, Switzerland, the UK, the US, and more.

How to Apply

To apply, complete your application directly on this page, or you'll be redirected to the employer's application platform to finish submitting there.

Apply now

Takes about a minute — like Indeed Apply. The employer sees you in their Candidates list.

More options

To apply for this job please visit jobs.ashbyhq.com.

What people say about Benevity

Public coverage centers on product and CSR themes rather than employee reviews. Recent items include Forbes on rethinking corporate volunteering, CSRwire on top causes companies support via Benevity, and a Do No Harm call for Benevity to drop SPLC’s “hate list.” HN links in the feed are mostly unrelated tech threads, not workplace ratings.

Recent news

Aggregated from public discussions and news; opinions are the authors’ own.

Working in Canada

Listing location is Canada (not a specific city). Work would sit within Canadian employment norms and time zones spanning Atlantic to Pacific; Calgary roots may matter for HQ culture, but this post does not confirm office city or hybrid pattern.

🇨🇦 Relocation safety for Canada: Very Safevia Warnely, CC BY 4.0

National unemployment rate in Canada: 6.9%via World Bank

GDP per capita in Canada: $55,698via World Bank

Consumer price inflation in Canada: 2.1% (annual) — via World Bank

Real GDP growth in Canada: 1.7% (annual) — via World Bank

Average hours worked per year in Canada: 1,687via OECD

    About this role & career path

    Senior GRC roles usually bridge security, compliance, and business risk. At a CSR-tech vendor, depth in SaaS control frameworks and customer/audit expectations can lead toward GRC lead, risk manager, or compliance program ownership.

    Build the skills for this role

    Prioritize risk frameworks (e.g., ISO 27001, SOC 2-style control thinking), policy writing, control testing, and clear stakeholder communication. No certified training catalog was supplied for this listing.

    Be ready to walk through a control failure you investigated, how you evidence continuous compliance for SaaS, and how you’d prioritize risks for a donation/volunteer platform serving Fortune-scale customers. Know Benevity’s product surface at a high level.

    Strong fit if you already own GRC work end-to-end and care about trust in social-impact software. Thin location detail and no pay data mean you should clarify Canada work arrangement, team scope, and frameworks in use early.

    Job details above are provided by the employer/source. The sections on this page are compiled from public data sources with AI assistance.

    Accommodations: if you need a workplace accommodation to apply for or perform this job, see ADA.gov or EEOC.gov for guidance on your rights and how to request one.

    Add application deadline to calendar

    Listing facts

    • Role Senior GRC Analyst
    • Employer Benevity
    • Location Canada
    • Type Full Time
    • Posted June 21, 2026
    • Apply by 2026-07-21
    • Country context Canada
    • Overview Full original description on this page (421 words; rewritten for clarity, not a teaser paste)

    Facts above come from this job record on Get A Job.AI — not copied from third-party review sites.

    Public discussions & open sources

    Attributed public threads and profiles — not employee reviews or star ratings.

    Cached public sources (Hacker News, Dev.to, GitHub, etc.).

    Employer website

    benevity.com

    Explore related openings

    6 other opening(s) at Benevity on Get A Job.AI

    Occupation family: Senior GRC Analyst

    Research this employer

    Pull public facts we already cached for this company (Wikipedia, news, discussions). We never invent Glassdoor-style ratings.

    Open interview kit (print-friendly)

    Get email alerts for similar jobs

    Keep exploring on Get A Job.ai

    Not quite the right fit? Your next opportunity is a click away.

    Hiring instead? Post a job and reach candidates searching right now.

    Senior GRC Analyst Benevity