IT GRC Specialist

We are seeking a highly skilled IT GRC (Governance, Risk, and Compliance) Specialist to join our team. The IT GRC Specialist will be responsible for ensuring that our IT systems and processes comply with regulatory requirements and internal policies. This role involves identifying and mitigating risks, developing and implementing compliance programs, and working closely with various departments to ensure the integrity and security of our IT infrastructure.

The Location: Hexagon is a global companty with offices around the world. This position is based in Calgary, AB. We will consider remote work for the right candidate. 

As our IT GRC Specialist, responsibilities include:

• The successful candidate comes with prior experience of implementing security controls recommended by Risk management frameworks like ISO 27000, COBIT/SOX, NIST 800.
• This role involves regular reviews of corporate policies and procedures, serving as a liaison for internal and external IT audits, and managing compliance and governance issues.
• The GRC Specialist will perform gap analysis against business adopted Standards, regulations and compliance requirements. The successful candidate should be able to support the IT team in remediation planning, tracking and closure.
• The role should be able to set up a reporting cadence on the compliance health of assigned projects, all while fostering a culture of continuous process improvement.
• Administer and implement/develop the GRC information platform and associated IT processes.
• Serve as the IT internal and external audit liaison for regulatory issues, IT compliance, and governance.
• Should come with experience on Evidence collection and maintenance to support audits.
• Should come with experience in implementing security best practices and driving continuous improvement in overall security posture.
• Develop and maintain ongoing IT policies, standards, procedures, and processes.
• Lead IT risk assessment process and support Information Security team in overall Information Risk management.
• Conduct GRC tool user training sessions and provide ongoing support to end users.
• Perform risk and control effectiveness tests, risk analyses, and assessments.
• Assist in enhancing third-party risk management activities through refined risk assessment methodologies.
• Develop and maintain security awareness training for new hires and annual refreshers.
• Gather and evaluate information, including supporting auditors, investigations, and customer requests.
• Assist is the completion of customer questionnaires.

Must-Have:

• Bachelor's Degree in computer science, computer engineering, management information systems, information technology or a similar field. An equivalent combination of education, certifications and experience may substitute for a degree.
• Knowledge and experience of information security standards and compliance requirements such as ISO 27001, CIS Controls, NIST 800-171, CMMC, TISAX, GDPR, etc.
• IT/Information security technology and controls experience (e.g., cyber security, network, infrastructure, applications, cloud services, projects, etc.).
• Proven experience in IT governance, risk management, and compliance.

Key Success Factors: 

• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.

Not sure if you meet all the qualifications for this role? Let us decide! At Hexagon, we are committed to a diverse and inclusive work environment. If you’re excited about the opportunities this role could bring, we encourage you to apply. For any questions about the role or our company, please email our team at hrrecruitingteam.ap@hexagon.com and we will be pleased to follow up with you. Please do not send cover letters or resumes to this address.

The Company: Hexagon is a global leader in digital reality solutions, combining sensor, software, and autonomous technologies. We are putting data to work to boost efficiency, productivity, quality, and safety across industrial, manufacturing, infrastructure, public sector, and mobility applications. You’ll be joining over 24,000 people in 50 countries on the leading edge of your field. This position is with Hexagon’s Autonomous Solutions division, a global technology leader, pioneering end-to-end solutions for assured positioning and autonomy on land, sea, and air. Our work touches every aspect of life, from sustainability on Earth to enabling autonomy. 

Applicants who require accommodation in the job application process may contact Human Resources at hrrecruitingteam.ap@hexagon.com.