GRC Manager, Cyber Advisory

We are seeking a highly skilled and strategic InfoSec GRC Manager - Cyber Advisory to lead and enhance our governance, risk, and compliance (GRC) function. This role will be responsible for identifying and mitigating cybersecurity risks, ensuring regulatory compliance, and advising senior leadership on security strategies. The ideal candidate will partner with Enterprise Architecture, IT / OT Security, Risk Management, and Project Management teams to ensure security is embedded in business processes and technology initiatives.

1. Cybersecurity Governance and Risk Management: Develop and supervise the implementation or adaptation of strategic projects in accordance with security policies, structures, and controls aligned with industry standards, ensuring compliance with internal regulations such as SOx.
2. Strategic Cyber Advisory: Act as a trusted security adviser to executive leadership, translating complex security risks into business-aligned recommendations.
3. Risk Assessments and Mitigation: Lead cyber risk identification, assessment, and mitigation strategies across key technology projects.
4. Security by Design: Collaborate with Enterprise Architecture, IT, and OT teams to embed security into project lifecycles, cloud environments, and digital transformation initiatives.
5. Regulatory Compliance and Audit Readiness: Ensure compliance with global security regulations, support audit processes, and guide teams in addressing security gaps.
6. Incident Response and Crisis Management: Provide governance and oversight during cyber incidents and security breaches, ensuring effective response and lessons learned.
7. Security Awareness and Culture: Drive cybersecurity awareness programs to foster a risk-aware culture.
8. Metrics and Reporting: Develop and maintain KRIs and KPIs to measure security effectiveness and report insights to the InfoSec GRC Director.

• 8+ years of experience in cybersecurity governance, risk management, and compliance (GRC).
• Strong expertise in security frameworks and regulations (ISO 27001, NIST, CIS, GDPR, SOC 2, etc.).
• Experience collaborating with Enterprise Architecture, IT Security, and OT Security teams.
• Deep understanding of enterprise security architecture, cloud security, and emerging threats.
• Strong leadership and stakeholder management skills.
• Experience with enterprise risk management, compliance, and internal audit functions.
• Professional certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer are preferred.

BRP values diversity and strives to create an inclusive workplace where everyone feels they belong, can grow, and find meaning. We believe diversity fuels our ingenuity and shapes our future.

• Annual bonus based on company results
• Generous paid time off
• Pension plan
• Collective savings opportunities
• Industry-leading healthcare fully paid by BRP

• Summer work schedule options
• Holiday season shutdown
• Educational resources
• Discounts on BRP products

BRP is a global leader in recreational vehicles and boats, driven by innovation and customer focus. Headquartered in Valcourt, Quebec, with manufacturing facilities worldwide, our team of nearly 20,000 passionate employees is committed to making a difference in mobility and recreation.