Jr. GRC Analyst
About KOHO
KOHO’s purpose is to empower Canadians to build a great financial foundation with products that are radically transparent and easy to manage. We first launched in 2017, and we have since built a community of over 1 million users. Leading investors around the globe believe in our vision, and we’ve successfully raised over $320M to make our vision a reality.
Discover our culture here and get the inside scoop from our team here!
About The Role
We’re looking for a Junior Governance, Risk and Compliance (GRC) Analyst to join our team for a role to work remotely based in Canada.
Reporting to our Product Security Manager, you’re going to be a part of a team that does…
What You’ll Be Doing
- Establishing and maintaining compliance standards for KOHO.
- Working with our internal and external partners to conduct risk assessments to identify vulnerabilities and business risks within KOHO.
- Working with all KOHO vendors to ensure that they are compliant to KOHO’s cybersecurity policies.
- Creating, maintaining, communicating and educating our information security policies with the KOHO organization.
- Advising senior leadership on risk management strategies, including risk mitigation, risk reduction, compensating controls, and residual risk analysis.
- Managing security vulnerabilities within KOHO and the risk management process for those vulnerabilities.
- Working with our People and Culture team to ensure that all KOHOnians have a good baseline for security awareness.
- Working with a team of security architects, security operations, product security, risk and fraud professionals.
Who You Are
- You have excellent communication skills – this is required in order to ensure that you can communicate what the risk posture of the organization is relative to your analysis of vulnerabilities and risk.
- You have experience or education with either PCI DSS, SOC2 Type II, FedRAMP, NIST 800-53, NIST CSF.
- You have the ability to work cross functionally. This is a role where soft skills are important in order to ensure partnerships within and outside KOHO, to communicate the risk back to the organization in a clear and concise manner.
- Graduates of software engineering, computer science, business, or accounting and looking for a career change to cybersecurity and/or risk management should feel confident to apply. The team is happy to coach and mentor the right candidate.
- Good to have: You either possess or are working towards a CISSP.
At KOHO, we are dedicated to providing pay transparency to all candidates. Compensation at KOHO is determined through various factors including but not limited to: comparable salary market data within Canada, technical skill assessment, a holistic view of previous work history, and internal pay equity with other KOHO team members.
Target Base Salary Range
$75,000—$100,000 CAD
What's In It For You?
We invest time and resources into making sure KOHO is as good as the people we hire. Here are some of the reasons we attract the best people:
🧘♂️ Balance Your Life - Company-wide summer wellness days, winter holiday closure, personal days, a wellness spending account, and maternity & parental leave top-up
💻 Remote First - Work from anywhere in Canada with a budget to set up your home office
🆙 Level Up - Access to an in-house certified performance coach and an annual training budget
🥅 Reach Your Goals - Salary assessments twice per year
🙌 The KOHO Culture - We have won 7 "Great Place to Work ®" awards since 2019
🤝 Be an Owner - Every KOHO employee gets a generous amount of equity with a 10 year exercise window
The KOHO culture is one of collaboration, creativity, and diverse perspectives. We are committed to building and fostering an inclusive, accessible environment for everyone. If you have any questions, concerns, or requests regarding accessibility needs, please contact peopleaccessibility@koho.ca and the People and Culture team will be happy to help.
#LI-Remote