Governance, Risk & Compliance Analyst

Greater Toronto Area / CMS – Digital / Full-Time / Hybrid
TRADER Corporation is a trusted Canadian leader in online media, dealer and lender services. The company is comprised of AutoTrader.ca, AutoSync and Dealertrack Canada. AutoTrader.ca (AutoHebdo.net in Quebec) offers the largest inventory of new cars and used cars in Canada, receiving over 25 million monthly visits to its marketplace. With over 3,500 subscribers and counting, AutoSync is the largest and fastest-growing dealer and OEM software provider in Canada. The platform's suite of connected automotive software solutions brings advertising, conversion and operational support together, synchronizing the entire retail process. AutoSync's diverse range of offerings includes: vAuto, EasyDeal, xtime, Motoinsight, Activix, TAdvantage and TRFFK. Dealertrack is Canada’s largest automotive financing portal, enhancing efficiency and profitability for all major segments of the automotive, marine, recreational vehicle, motorcycle and powersport retail industries. Over 6.5 million credit applications are submitted via the Dealertrack Canada portal each year. Collateral Management is a national, end-to-end, managed technology solution that offers industry insight and multi-channel collection strategies to maximize funds recovered. Collateral Management helps you remain compliant in all jurisdictions, alleviating your exposure to reputational and financial risks. Visit tradercorporation.com to learn more.

TRADER Corporation's parent company AutoScout24 is the largest pan-European online car market with over 2 million listings and more than 43,000 dealer customers. With AutoScout24, users can find, finance, buy, subscribe for and sell used and new cars. The marketplace provides inspiration on cars and other vehicles and makes hard decisions easy.

Since 1998 AutoScout24 has been offering private users, car dealers and other cooperation partners from the automotive, financial and insurance services sector a comprehensive digital platform for car trading. The online marketplace includes used and new cars, motorcycles as well as commercial vehicles. AutoScout24 has over 30 million users per month, more than 43,000 dealers and around 500 employees. In addition to Germany, AutoScout24 is also represented in the European core markets of Belgium, Luxembourg, the Netherlands, Italy, France and Austria.

More information on www.autoscout24.de

Experience leveraging AI and Generative AI (GenAI) to enhance engineering productivity, automate repetitive tasks, and optimize workflows. Candidates should demonstrate the ability to integrate AI-driven solutions into their daily work (such as code generation, debugging, reviews, documentation, and decision support) to improve efficiency for themselves and their teams. A proactive approach to exploring and implementing AI tools that drive innovation and streamline development processes is highly valued.

Summary
Governance, Risk and Compliance is accountable for the design and implementation of Trader Corporation’s GRC Framework that sets out the company's policies, processes and practices as well as executes on the identification, assessment, reporting, mitigation and control of operational and financial crimes risk. As an integral part of the team, you, the GRC Analyst, will be responsible for planning, executing, and supporting the creation and implementation of our GRC program across our organization. You will work closely with control managers, analysts, and stakeholders to ensure that our GRC goals and objectives are met. You will assist the GRC leader in program rollout, internal and external operational audits and assessments, and report on risk.

GRC acts as an independent risk management function responsible for ensuring the Company has an effective risk management and compliance program to manage risk within the Company’s risk appetite.

This position reports to the Sr. Director GRC.

Responsibilities
·      Actively participate in the planning and implementation of the Trader Corporation GRC program, including defining and enhancing risk appetite, policies, procedures, risk metrics, control library, risk training, compliance, regulatory affairs, risk reporting and audit preparation.
·      Support Management in determining strategy, roadmap and overall direction for the GRC program.
·      Support and grow the Governance, Risk, and Compliance function.
·      Maintain and monitor security and privacy policies and training programs in partnership with other stakeholders.
·      Support and strengthen privacy and security risk management programs within the organization.
·      Collaborate with internal and external resources in conducting compliance audits.
·      Provide reporting on key performance indicators (KPIs) for compliance programs and security risks.
·      Manage the third-party risk management process for external vendors.
·      Manage and respond to customer and prospect security questionnaires and requests.
·      Manage and respond to requests under GDPR/CCPA and other applicable privacy laws.
·      Manage issues/gap identification and remediation, including drafting and communication/discussion with stakeholders.
·      Collaborate with all stakeholders (risk subject matter experts, senior management and control managers) to ensure timely delivery of accurate, complete and meaningful risk feedback to help bring a more risk-informed view to decision making, and to help protect the organization from negative risk events.
·      Responsible for coordination and production of risk material for senior management, external and internal stakeholders.
·      Creation and sustainment of procedures that support the execution of key accountabilities.
·      Provide guidance and support to teams and stakeholders on security best practices, processes, and tools.
·      Assist with the assessment and implementation of new security solutions.
·      Manage risk projects. 

Qualifications
·      Bachelor's degree in computer science, information security, or related field, or equivalent work experience.
·      3 or more years of experience in security risk management, information security, or other GRC areas.
·      Practical experience with one or more security or risk management standards (e.g. SOC2, ISO27001, NIST CSF, COSO, PCI DSS).
·      Excellent analytical skills and ability to analyze security requirements and relate them to appropriate controls.
·      Experience managing simultaneous projects across multiple teams.
·      Strong verbal and written communication skills with the ability to tailor communication to the other party.

What’s in it for you…
-We understand that there is life at work and life outside of work. Here are a few benefits we all benefit from that support us to be our creative best.
 
Fitness and wellness
-We provide discounts to nation-wide gyms, onsite gyms (when we’re in the office), an Employee and Family Assistance Program, as well as a virtual wellness program.
 
Benefits from Day 1
-Gym discounts
-Local in-office free gyms
-Employee and Family Assistance program
-Weekly virtual wellness events
-Conferences & training budget
-Regular internal training programs
 
Financial planning
-Let us help you invest in your future with 3% matching towards your pension and multiple forms of income protection.
 
Competitive salary
-Annual bonus structure
-3% CPP matching