Posting End Date:
December 21, 2025Employee Type:
Regular-Full timeUnion/Non:
This is a non-union positionIn today’s digital landscape, safety is the cornerstone of trust and resilience in the IT space. Cybersecurity, risk management, and compliance are not just technical requirements—they are essential safeguards that protect sensitive data, ensure operational continuity, and uphold regulatory obligations. Read on to know more about this role!
As an IT Specialist – Governance, Risk & Compliance (GRC), your role is critical to ensuring our organization meets regulatory requirements, internal policies, and industry standards. This enables us to proactively manage risks and defend the Company against evolving threats, maintain stakeholder confidence, and create a secure environment where innovation thrives.
We are seeking a talented candidate with direct experience in cybersecurity governance, risk management, and compliance who is passionate about driving a culture of accountability and security across the business. If this is you, apply today. #joinourteam
Note: Internally, this role is referred to as Specialist I TIS GRC
What you will do:
Compliance Assurance, Monitoring, and Reporting
Manage and coordinate compliance assurance activities, including NIST Cybersecurity Framework (CSF) maturity assessments, regulatory assessments such as Sarbanes-Oxley (SOx) and Transportation Security Administration Security Directives (TSA SD), and internal audit engagements.
Collect and validate compliance evidence for audits and assessments.
Provide timely support to stakeholders and subject matter experts in developing responses, remediation plans, and actionable strategies.
Perform risk-based compliance checks and controls testing to validate effectiveness.
Maintain accurate compliance performance through dashboards and management reporting.
Ensure timely closure of audit findings and maintain audit logs.
Risk Management Support
Identify and report emerging risks driven by technological and regulatory changes.
Contribute to risk assessments and support tracking, monitoring, and documentation of risks.
Governance – Policy and Standard Support
Assist in reviewing and updating cybersecurity policies, standards, and procedures.
Support governance activities ensuring documentation aligns with organizational objectives and regulatory obligations.
Relationship Management
Engage with internal stakeholders on compliance-related controls and risks.
Maintain strong relationships with third-party assessors and internal audit teams to ensure seamless audit execution.
Continuous Improvement
Identify opportunities to streamline compliance processes through automation and AI.
Conduct post-implementation review sessions and integrate improvements into frameworks and processes.
Who You Are:
University degree in computer sciences, engineering, audit, business, or related disciplines.
A minimum of 6 years of progressive direct experience in the field of information security, IT governance, compliance, cybersecurity, audit, or risk management.
Working knowledge of cybersecurity and risk management best practice specifically NIST frameworks.
Ability to manage concurrent initiatives and conflicting priorities.
Highly disciplined and professional regarding handling confidential information.
Demonstrated understanding of various compliance and quality assurance roles.
Ability to effectively interact with personnel involved in policy, technical, operational, and program management work.
Excellent communication skills both written and verbal.
Preferred:
Demonstrated understanding of various audit and quality assurance roles.
Familiarity of SOx IT controls and regulatory requirements in US and Canada (i.e., TSA Security Directives, CFR, and CER).
Ability to effectively collaborate with personnel at all levels involved in policy, technical, operational, and program management activities.
Physical Requirements:
Include but not limited to: Grasping, kneeling, light – moderate lifting (objects up to 20 pounds), reaching above shoulder, repetitive motion, typing, sitting, standing, visual requirement (able to see screens, detect color coding, read fine print), hearing requirement and the ability to sit at a computer for long periods of time.
Mental Requirements:
Include but not limited to: Ability to: understand, remember and apply oral and/or written instructions or other information, understand complex problems and collaborate/explore alternative solutions, organize thoughts and ideas into understandable terminology, organize and prioritize work schedule on a short-term basis, make decisions which have moderate impact on the immediate work unit and monitor impact outside this area, understand and follow basic instructions and guidelines, complete routine forms, compose letters, outlines, memoranda and basic reports and communicate with individuals via telephone.
Flex-Work:
Enbridge provides competitive workplace programs that differentiate us and offer flexibility to our team members. Enbridge’s FlexWork (Hybrid Work Model) offers eligible employees the opportunity to work variable daily schedules with a flexible start or end time, to opt for a compressed workweek schedule or the option to work from home on Wednesdays and Fridays. Role requirements determine your eligibility for each option. #LI-Hybrid
At Enbridge, we are dedicated to our core value of Inclusion. We are proud to be an Equal Opportunity Employer. We are committed to providing employment opportunities to all qualified individuals, without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous status, disability, or any other reason protected by federal, state, or local law. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting careers@enbridge.com.
Information For Applicants:
Applications can be submitted via our online recruiting system only.
We appreciate your interest in working with us; however, only those applicants selected for interviews will be contacted.
Final candidates for this position may be required to undergo a security screening, including a criminal records check.
To learn more about us, visit www.enbridge.com