Manager, Governance, Risk & Compliance (GRC)

Mark Anthony Group is an entrepreneurial drinks company, built from the ground up by thinking differently, innovating and doing the unexpected. Our company is rooted in family values, a bold vision and relentless determination to continuously raise the bar and make a positive difference in consumers' lives. Founded in 1972, we’ve grown organically from a one-person import wine business into an international drinks company. Our hallmarks include a portfolio of iconic beverage brands—White Claw® Hard Seltzer, Mike’s Hard Lemonade, Olé Cocktail Co. and Más+ by Messi™—alongside a collection of luxury wineries in the Okanagan Valley, notably Mission Hill Family Estate, CedarCreek Estate Winery, Martin’s Lane Winery, and CheckMate Artisanal Winery.

The Manager, Governance, Risk & Compliance (GRC) will lead a team responsible for the development and execution of governance frameworks, risk management strategies, and compliance programs that align IT systems with business objectives and regulatory requirements. This role is critical in maintaining a secure, compliant, and resilient technology environment by embedding security-first practices, managing audits, enforcing policies, and overseeing incident response processes.

• Develop, maintain, and enforce IT security policies, standards, and guidelines to ensure compliance and consistency.

• Lead a comprehensive GRC program aligned with ISO27001, ISO27701, SOC2 Type II, NIST 800-53, PCI-DSS, GDPR, Quebec Law 25, and CCPA.
• Conduct risk assessments and control audits; manage Office 365 Compliance Center and drive continuous improvement.
• Build strong partnerships with business stakeholders to achieve compliance and best-in-class security practices.

• Develop and oversee a global risk management program aligned with NIST and ISO frameworks.
• Provide reporting into Enterprise Risk Management and drive adoption of essential security controls.

• Establish and manage a program ensuring timely prioritization and remediation of vulnerabilities across systems and applications.

• Develop and maintain Data Security and Data Loss Prevention (DLP) programs leveraging DSPM capabilities.

• Implement an efficient vendor risk assessment process to support informed business decisions.

• Design and manage an engaging security awareness and training program tailored to organizational needs and regulatory requirements.
• Develop metrics and dashboards to measure program effectiveness.

• 5–7 years in IT security, risk management, or compliance, with leadership in GRC programs.
• Bachelor’s degree in Computer Science, Information Systems, or Business Administration.
• Proven ability in policy frameworks, vulnerability and risk management, and security awareness.
• Certifications: CRISC, CISM, or CISA preferred.
• Strong understanding of risk assessment methodologies, regulatory frameworks, and compliance standards.
• Experience with GRC platforms, Microsoft Purview & Compliance Center, DSPM, and metrics reporting.
• Familiarity with AI for risk assessment, compliance automation, security awareness, and risk reduction.

Mark Anthony is committed to hiring, engaging, and growing qualified, talented, and motivated team members at every level of our organization. We offer competitive compensation that recognizes individual and company performance. The typical hiring range for this position is $115,000 - $145,000 annually complemented by a bonus plan; the base pay is determined by market location and job-related knowledge, skills, experience, and education.

As part of our Total Rewards program, we are also proud to offer:

• Company-matched RRSP contributions
• Extended health and dental benefits, and mental health plans with 24/7 access to a primary care physician via Lumino Health
• Maternity & Adoption Leave Top Up and Paid Secondary Caregiver Leave
• Paid time off
• An extensive offering of world leading learning and development programs to empower your career development – in-person and digital offerings with internationally renowned resources like Franklin Covey and Lumina.

• Located in a prime Vancouver neighborhood (near transit)
• Hybrid work environment of 4-days a week in-office
• Company paid parking
• Complimentary building gym

We are growing a lasting legacy in the beverage alcohol industry, with people first. Apply now!

Our Purpose is not just a statement; it is a call to action that binds us together and ignites our passion for making a difference. It is the driving force behind why we do what we do every single day, connecting our global organization across all business units, roles, and locations. We are:

We set the standard with a pursuit of excellence that can be found in everything from our products and processes to our plants and people.

We stay curious, dreaming big and navigating the unknown with an enduring belief in better.

We bring humility, authenticity, fun, and support to every collaboration and celebrate wins as a team.

We disrupt the status quo, moving fast to seize opportunities and acting scrappy to stay ahead of industry giants.

Mark Anthony Group is an equal opportunity employer. We encourage applications from individuals of all backgrounds who are eligible to work in Canada. We thank all candidates for their interest in MAG and we will reach out to those candidates that are under consideration. If you are contacted for an interview and require accommodation during the recruitment process, please contact your recruiter.