Senior GRC Analyst
KOHO Financial
Location: KOHO (CAN)
Employment Type: Full time
Location Type: Remote
Department: Technology
Compensation: Budgeted range for this job CA$93K – CA$123K
At KOHO, we are dedicated to providing pay transparency to all candidates. Compensation at KOHO is determined through various factors including but not limited to: comparable salary market data within Canada, technical skill assessment, a holistic view of previous work history, and internal pay equity with other KOHO team members.
About KOHO
We’re on a mission to make financial services better for every Canadian. That means no hidden fees, no predatory interest rates - just financial products designed to help our users spend smart, save more, and build real wealth. We’re a performance organization with a strong heart: we care deeply about outcomes, and everything ties back to our mission - to financially empower a generation of Canadians.
At KOHO, we’re not your average 9-5. We believe real impact comes from people who are trusted, empowered, and supported to do their best work - without sacrificing their lives to do it. We prioritize work-life integration, not just work-life balance. That means asynchronous collaboration, flexible hours, and a remote-first setup built around autonomy and high trust.
KOHO is entering its next chapter - leaner, smarter, more AI-integrated. We’re building for impact, not bureaucracy. If you thrive in environments that value clarity, ownership, and bold thinking, you’ll fit right in.
About The Role
We’re looking for a Senior Governance, Risk and Compliance (GRC) Analyst to join our team in a remote role based in Canada.
Reporting to our Senior Manager, Product Security, you’re going to be a part of a team that does…
What You’ll Be Doing
Building up and establishing a risk and compliance program with a maniacal focus on automation and repeatability, specifically for PCI DSS and SOC 2 Type 2. The successful candidate will be responsible for obtaining and preparing evidence packages for submission to auditors while building the program.
Building up and/or establishing a third party cybersecurity risk management program, vulnerability management program, and phishing program.
Working with engineers and developers to triage vulnerabilities, assign risk, and prioritize fixes.
Working with our internal and external partners to identify cybersecurity risks, conduct assessments of those risks, and manage the ongoing risk posture.
Creating, maintaining, and communicating information security policies, standards, and procedures across the organization.
Advising security leadership on risk management strategies, including risk mitigation, risk reduction, compensating controls, and residual risk analysis.
Working with our People and Culture team to ensure that all KOHOnians have a good baseline for security awareness.
Supporting broader tech compliance requirements as they relate to RPAA, Mastercard, OSFI, and more.
Who You Are
Bachelor’s degree in computer science, technology management, or related technical or management field.
You have the ability to be a self-starter and have agency to own the risk and compliance roadmap.
You have excellent communication skills – this is required in order to ensure that you can communicate what the risk posture of the organization is relative to your analysis of vulnerabilities and risk.
You have experience with PCI DSS, SOC2 Type II, and NIST 800-53/NIST CSF.
Hands-on experience with AWS Security Hub, GuardDuty, Inspector, CloudTrail, Config, SCPs, and other AWS native technologies.
Experience leading audits and working with regulators.
Experience building your own automations and scripts to pull data and automate evidence retrieval.
You have the ability to work cross-functionally. This is a role where soft skills are important in order to ensure partnerships within and outside KOHO, and to communicate the risk back to the organization in a clear and concise manner.
Preferred: Familiar with OSFI guidelines (B-10 and B-13) and RPAA (Retail Payment Activities Act).
Preferred: You either possess or are working towards a CISSP.
What’s in it for you?
📈 Opportunity to shape the future of fintech and financially empower a generation of Canadians
💰 Competitive compensation & equity
🤝 Fantastic, Deeply Engaged Team (check out our engagement scores here!)
🌴 Generous vacation + Wellness days + Flex Days + holiday closure
💻 Remote-first environment + coworking support + yearly all hands retreat
🧠 Access to coaching & growth programs
👶 Parental top-up & leave policies
🏥 Comprehensive health benefits
💡 Power-up budgets for books, home office setup, phone & internet, AI tools, and professional development
KOHO is for builders.
If you’re energized by challenge, motivated by mission, and want to be part of a team that punches above its weight - we want to hear from you.
The KOHO culture is one of collaboration, creativity, and diverse perspectives. We are committed to building and fostering an inclusive, accessible environment for everyone. If you have any questions, concerns, or requests regarding accessibility needs, please contact peopleaccessibility@koho.ca and the People and Culture team will be happy to help.
AI Disclosure: KOHO uses artificial intelligence (AI) in certain aspects of its recruitment process to screen, assess, or select applicants. For any questions or concerns, please contact us at talent@koho.ca.
Note: this posting is for an existing vacancy that we are seeking to fill.