Security Specialist-governance, Risk, Compliance (GRC)

Company Description

Summary

Assent is the leading solution for supply chain sustainability tailored for the world's top-tier, sustainability-driven manufacturers.

Hidden risks riddle supply chains, many of which weren't built with sustainability in mind. That's where we step in. With insights from experts, Assent is the tool manufacturers trust for comprehensive sustainability.

We've grown from $5 million to $85 million ARR in just six years. With our recent $350 million funding led by Vista Equity Partners, we're poised for even greater expansion and are on the lookout for outstanding team members.

Being a Certified B Corporation, we don't just advocate for sustainability - we live it. This certification underscores our commitment to environmental, social, and governance excellence.

At Assent, your work will directly amplify transparency, sustainability, and fair practices worldwide.

Hybrid Work Model

At Assent, we proudly embrace a remote-first work model, valuing the flexibility and autonomy it provides our team. We also acknowledge the intangible benefits of occasional in-person workdays.

For team members situated within 50 kms / 31 miles of our five global offices in Ottawa, Eldoret, Penang, Columbus, and Amsterdam, you can expect to come into the office one day a week.

Similarly, those near our co-working spaces in Nairobi and Toronto are encouraged to work onsite once a month.

Join our Talent Community to stay in touch and learn more!

Job Description

You will be an advocate of Assent Security, a true problem-solver that seeks out efficiencies and improvements. Reporting to the Director of Information Security, Privacy and Ethics, you will assist in the implementation of corporate security strategy with a focus on governance, risk, and compliance.

This includes the development and maintenance of security and privacy processes, execution of security and privacy initiatives and being an advocate for Assent Security.

Some highlights include :

• Facilitate and manage the third-party security risk management process
• Coordinate Governance, Risk, and Compliance activities to mitigate and manage risks at Assent
• Conduct, document, and report on security risk assessments for technology systems, and internal and third-party vendor solutions
• Maintain alignment to technology governance and control frameworks such as ISO 27001 / 2, GDPR, and various NIST SP's, implementing where appropriate
• Report out from GRC tool the Key Performance Indicators (KPI) status of risk assessment, control effectiveness, gap remediation, third party risk management issues, and internal and external audit findings and recommendations
• Work cross-functionally with business partners throughout the organization, collaborating with management and their respective teams to drive adoption of Governance, Risk & Compliance policies, standards, principles, procedures, and requirements
• Continuously improve and oversee all aspects of the incident management process from process design and testing, and incident evaluation to resolution.
• Develop, maintain, and implement business continuity strategies and solutions, including risk assessments, business impact analysis, and documentation and testing of business continuity procedures.
• Assist in working with auditors to successfully complete SOC2 and other certifications;
• Maintain job knowledge by understanding emerging security standards and participating in educational opportunities
• Be familiar with corporate security policies and follow the guidance set out by processes and procedures of Assent.

Qualifications

• 4+ years of experience in Information Security and Governance, Risk and Compliance activities
• Have strong oral and written communication skills in English- you communicate clearly, concisely, and with tact;
• Industry certification in Security (preferred)
• Exposure to and knowledge of SOC 2, ISO 27K,, NIST 800-53, GDPR and other security / privacy standards and regulations
• Notable experience around developing policy and procedure guidelines
• Excellent interpersonal skills and are able to work effectively with a diverse group of stakeholders including senior management
• Business focus - you understand how the security piece fits into the grand scheme of the organization

Additional Information

At Assent, we are uniquely positioned to make meaningful, impactful changes in the world around us. If you believe in doing work that matters, we want you to join our team.

Life at Assent

Wellness : We believe that you and your family's well being is important. As a result, we offer vacation time that increases with tenure, comprehensive benefits packages (details vary by country), life leave days and more.

Financial Benefits : It's not all about the money - well, it's a little about the money. We understand that financial health is important and we offer a competitive base salary, a corporate bonus program, retirement savings options and more.

Life at Assent : There is purpose beyond your work. We provide our team members with flexible work options, volunteer days and opportunities to get involved in corporate giving initiatives.

Lifelong Learning : At Assent, curiosity is not only valued but encouraged. You will receive professional development days that are available to you the day you start.

Find Your Balance with Us : We get it - you need work and life to mesh in a way that feels right for you. That's why we're big on remote work and flexibility.

But hey, if you're within 50 kms / 31 miles of our main hubs in Ottawa, Eldoret, Penang, Columbus, or Amsterdam, we do ask that you pop into the office just once a week.

And for our folks near the co-working spots in Nairobi and Toronto? A monthly visit is all we ask

At Assent, we are committed to growing and sustaining an environment where our team members feel included, valued, and heard.

Our diversity and equal opportunity practices are guided and championed by our Diversity and Inclusion Working Group and our Employee Resource Groups (ERGs).

Our commitment to diversity, equity and inclusion includes recruiting and retaining team members from diverse backgrounds and experiences, and fostering a culture of belonging where all team members are included, treated with dignity and respect, promoted on their merits, and placed in positions to contribute to business success.

If you require assistance or accommodation throughout any part of the interview and selection process, please contact talent@assent.

com and we will be happy to help.