Senior GRC Analyst - Governance & Risk

The Senior GRC Analyst - Governance & Risk will play a critical role in strengthening Marqetas cybersecurity governance risk management and compliance programs. This role will focus on enhancing security policies standards risk assessments and governance frameworks to align with regulatory requirements industry best practices and Marqetas security strategy. The ideal candidate will work closely with cross-functional teams to track and mitigate security risks improve cybersecurity governance structures and ensure compliance with regulatory obligations.

The Impact Youll Have

Governance Policies & Standards

• Develop maintain and enhance cybersecurity policies standards and control frameworks to align with industry regulations (e.g. PCI DSS ISO 27001 SOC 2 SOX DORA & NIST).
• Work with cross-functional teams to ensure cybersecurity policies are embedded in business processes.
• Establish documentation and approval processes for cybersecurity policies ensuring consistency and transparency.
• Maintain a centralized inventory of cybersecurity controls ensuring alignment with regulatory and internal security requirements.
• Conduct cybersecurity risk assessments to identify evaluate and prioritize security risks across Marqeta.
• Develop risk classification and treatment plans to guide security decision-making.
• Monitor and track risk remediation efforts providing guidance on mitigation strategies.
• Work with business and technical teams to ensure risk treatment plans align with company objectives and security standards.
• Drive continuous improvement of risk management processes by identifying emerging threats and adapting security strategies accordingly.

Compliance & Audit Support

• Support external and internal audits (ISO 27001 SOC 2 PCI DSS SOX etc.) by providing necessary documentation evidence and coordination.
• Ensure control validation activities are conducted regularly to maintain compliance with security frameworks and regulatory requirements.
• Collaborate with compliance internal audit and legal teams to maintain a strong cybersecurity compliance posture.
• Track and manage cybersecurity exceptions risk acceptance and remediation activities.

Advisory & Awareness

• Provide guidance to business units on risk management best practices security policy implementation and compliance requirements.
• Work with leadership to develop risk-based security strategies that align with Marqetas business objectives.
• Support security awareness initiatives by contributing to training programs guidelines and best practices for employees and partners.

Who You Are

• 5 years of experience in Cybersecurity IT Risk Management Governance Compliance or Information Security roles.
• Strong understanding of cybersecurity frameworks regulations and compliance standards (e.g. ISO 27001 ISO 27002 ISO 27005 NIST SOC 2 PCI DSS SOX etc.).
• Hands-on experience conducting risk assessments and managing security risks in an enterprise environment.
• Experience working with GRC tools (e.g. OneTrust ServiceNow) to track and manage security governance activities.
• Familiarity with risk management strategies.
• Strong analytical communication and problem-solving skills.
• Ability to work cross-functionally with technical and non-technical stakeholders.
• Holding at least one industry certifications such as CISM CRISC CISSP ISO 27001 Lead Auditor Security or equivalent.

Nice-To-Haves

• Bachelors or Masters degree in Computer Science Information Security Information Technology or a related field (or equivalent experience).
• Experience in the fintech or financial services industry.
• Knowledge of third-party risk management and vendor security assessment processes
• Familiarity with cloud security

Your Manager

Recruiter For This Role

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment whether that be from home or at a company office. To support Flex First we calibrate pay to a competitive value according to working location.

When determining salaries we consider several factors including but not limited to skills prior experience and work location. The new-hire base salary range for this position reflected in CAD is : 98600 - 123300.

We also believe in recognizing the contributions of our people. Thats why we award annual bonuses to eligible employees rewarding both individual performance and the success of the entire company.

Along with monetary compensation Marqeta offers

• Multiple health insurance options
• Flexible time off take what you need
• Retirement savings program with company contribution
• Equity in a publicly-traded company
• Monthly stipend to support our remote work model
• Annual development dollars to support our people growth and development
• Family-forming benefits and up to 20 weeks of Parental Leave

Required Experience :

Senior IC

Key Skills

Employment Type : Full Time

Experience : years

Vacancy : 1

Senior Analyst Risk • Toronto, Ontario, Canada