InfoSec GRC Technology Risk Specialist

We are seeking a seasoned Technology Risk Specialist to lead cross-functional initiatives at the intersection of IT, OT, and compliance. This individual will oversee the enterprise IT risk landscape, guide the integration of regulatory frameworks, and enable executive visibility through risk dashboards and strategic reporting.

YOU’LL HAVE THE OPPORTUNITY TO:

• Lead enterprise-wide IT/OT risk assessments and maintain a current view of the threat landscape and emerging risks.
• Develop, maintain, and oversee the IT risk universe, ensuring proper risk classification, ownership, and mitigation strategy alignment.
• Support the implementation and continuous improvement of internal controls to meet SOx and other regulatory requirements, as well as mapping out, in line with the financial capacity of the departments and strategy, action plans to reduce or mitigate technological risks encountered.
• Design and maintain executive dashboards and risk reporting tools to ensure leadership has real-time insights on compliance and risk posture.
• Deliver training and risk scenario workshops for executives and business risk owners to strengthen accountability and risk response readiness.
• Collaborate across cybersecurity, GRC, IT operations, and business functions to harmonize IT and OT risk frameworks.
• Support internal and external audits by preparing evidence and ensuring documentation is complete and aligned with policy.
• Be responsible for the quarterly update of the residual risk calculation and liaise with relevant parties for mapping actions.
• Navigate different frameworks, suggest changes or create risk scenarios, and act as a trusted advisor for strategic projects to reduce or mitigate risks.
• Support the transformation of the technological risk management culture by listening and adapting to IT departments’ needs.
• Apply solid knowledge of quantitative and qualitative analysis of technological risks.
• Support the TPRM process for IT/OT suppliers.

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• Bachelor’s or Master’s degree in Information Technology, Cybersecurity, Engineering, or a related field.
• 5+ years of experience in technology risk management, IT audit, or compliance within regulated industries.
• Knowledge of IT/OT risks, regulatory standards (SOx, NIST CSF, ISO 27001), and security frameworks.
• Experience building dashboards and risk heat maps in tools like Power BI.
• Excellent communication and facilitation skills, especially with senior leadership.
• Proficiency in scripting (SQL and DAX).
• CRISC, FAIR, or equivalent certification is desirable.
• Bilingual in English and French is a plus.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is dedicated to fostering an inclusive culture that values diversity in backgrounds, profiles, beliefs, and experiences. Our diversity fuels our ingenuity and drives our success.

We strive to create an environment where every employee feels a sense of belonging, can grow, and find purpose.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

We offer a strong foundation including:

• Annual bonus based on company performance
• Generous paid time off
• Pension plan
• Collective savings opportunities
• Comprehensive healthcare fully paid by BRP

Feel-good perks include:

• Flexible work schedule
• Summer schedule variations by department and location
• Holiday shutdown
• Educational resources
• Discount on BRP products

WELCOME TO BRP

We are a global leader in recreational vehicles and boats, driven by innovation and customer focus. Headquartered in Valcourt, Quebec, with facilities worldwide, our team of nearly 20,000 is passionate about the journey, not just the destination.

#LI-Hybrid

#LI-KB12