InfoSec GRC Technology Risk Specialist

We are seeking a seasoned Technology Risk Specialist to lead cross-functional initiatives at the intersection of IT, OT, and compliance. This individual will oversee the enterprise IT risk landscape, guide the integration of regulatory frameworks, and enable executive visibility through risk dashboards and strategic reporting.

YOU’LL HAVE THE OPPORTUNITY TO:

• Lead enterprise-wide IT/OT risk assessments and maintain a current view of the threat landscape and emerging risks.
• Develop, maintain, and oversee the IT risk universe, ensuring proper risk classification, ownership, and mitigation strategy alignment.
• Support the implementation and continuous improvement of internal controls to meet SOx and other regulatory requirements, as well as develop action plans to reduce or mitigate technological risks.
• Design and maintain executive dashboards and risk reporting tools for real-time insights on compliance and risk posture.
• Deliver training and risk scenario workshops for executives and risk owners to strengthen accountability and response readiness.
• Collaborate across cybersecurity, GRC, IT operations, and business functions to harmonize risk frameworks.
• Support audits by preparing evidence and ensuring documentation aligns with policies.
• Be responsible for quarterly residual risk updates and liaise with relevant parties for action mapping.
• Navigate different frameworks, suggest changes, create risk scenarios, and act as a trusted advisor for strategic risk mitigation projects.
• Support the transformation of the technological risk management culture, listening and adapting to various IT departments.
• Apply solid knowledge of quantitative and qualitative risk analysis.
• Support the TPRM process for IT/OT suppliers.

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• Bachelor’s or Master’s degree in IT, Cybersecurity, Engineering, or related field.
• 5+ years of experience in technology risk management, IT audit, or compliance within regulated industries.
• Knowledge of IT/OT risks, standards (SOx, NIST CSF, ISO 27001), and security frameworks.
• Experience building dashboards and risk heat maps in tools like Power BI.
• Excellent communication and facilitation skills, especially with senior leadership.
• Proficiency in scripting (SQL and DAX).
• CRISC, FAIR, or similar certification is desirable.
• Bilingual in English and French is a plus.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is committed to fostering an inclusive culture that values diverse backgrounds, perspectives, and experiences, fueling our innovation and growth.

We aim to create a workplace where everyone feels a sense of belonging, can grow, and find purpose.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

We offer a strong foundation of benefits:

• Annual bonus based on company results
• Generous paid time off
• Pension plan
• Collective savings opportunities
• Comprehensive healthcare fully paid by BRP

And some feel-good perks:

• Flexible work schedule
• Summer schedules by department and location
• Holiday shutdown
• Educational resources
• Discounts on BRP products

WELCOME TO BRP

We’re a global leader in recreational vehicles and boats, driven by innovation and customer focus. Headquartered in Valcourt, Quebec, with facilities worldwide, our team of nearly 20,000 is passionate about the journey, not just the destination.

#LI-Hybrid

#LI-KB12