Job Description

Job description

Job Type:

Full-time

|

Location:

Vancouver

|

Department:

Information Technology

|

Reporting to:

IT Compliance Manager

|

Work Location Type:

#hybrid


IREN is a leading next-generation data center business powering the future with 100% renewable energy. We build, own and operate our data centers and take pride in being at the forefront of sustainable solutions for the ever-evolving applications of high-performance compute. We believe that human progress is invaluable, but it should be done in the right way - responsibly, sustainably and having a positive impact on the communities we operate in.


We are seeking an experienced and strategic

Sr.

Governance Risk and Compliance (GRC) Analyst

to support the design, implementation, and management of our IT compliance and risk programs across our national network of data centers. This role is critical to ensuring our IT operations align with regulatory requirements, customer expectations, and industry best practices.


The

Sr.

Governance Risk and Compliance (GRC) Analyst

will collaborate with infrastructure, cybersecurity, and operations teams to build a robust governance framework, ensure the effectiveness of technical and procedural controls, and support external and internal audits.


We have grown substantially since 2019, from our inception in Australia to now having several facilities across North America and being listed on NASDAQ... and we are just getting started! By joining us, you will be contributing to the future of sustainable high-performance compute and the local communities we strive to have a positive impact on.

Job requirements

Bachelor's (or Master's) degree in Information Security, Risk, Business or equivalent. 5-7 years of experience in cybersecurity, IT program management, or a related field. Proven track record leading at least one successful FedRAMP authorization. Deep knowledge of the FedRAMP framework, NIST 800-53 controls, and supporting documentation. Audit/assessment experience using risk-based frameworks. Familiarity with cloud security architecture and adjacent frameworks (SOC 2, ISO 27001, HITRUST, etc.) Strong communication and relationship-building skills across technical and executive levels. Demonstrated analytical and problem-solving skills, highly organized and detail oriented. Experience engaging with government agencies or federal sector stakeholders is highly desirable. Relevant certifications (CISM, CISA, CRISC, CISSP, ISO 27001 Lead Implementor) strongly preferred.

Job responsibilities

Lead enterprise-wide risk assessment programs, identify strategic risks, recommend mitigation and monitor residual risk. Develop and maintain governance frameworks that align business objectives with regulatory/compliance requirements and security best practices. Execute the company's FedRAMP authorization program from strategy through implementation. Manage relationships with 3PAOs, consultants, and other external partners to facilitate assessments and drive progress. Lead the preparation and submission of all FedRAMP deliverables, including the System Security Plan (SSP), policies, procedures, and supporting security documents. Develop and maintain security and privacy policies, standards, and control frameworks aligned with ISO 27001, SOC 2, HITRUST, FedRAMP, and other global regulations. Support policy approvals, exception handling, and attestation processes while identifying opportunities for automation and process improvements. Lead and execute enterprise risk assessments, including vendor and process-level reviews. Support IREN's Third-Party Risk Management program including vendor assessments, monitoring, and remediation tracking. Lead readiness and response efforts for ISO 27001, HITRUST, FedRAMP and other audits and certifications. Keep abreast of emerging regulatory, technological and business-risks, and drive improvements to the GRC program accordingly.

Job benefits

Compensation & Rewards

Competitive salary starting at CAD $95,000/annum and finalized based on experience and impact Short- and long-term incentive programs designed to reward both results and long term company success

Wellbeing & Benefits

Comprehensive extended health and dental coverage to keep you and your family supported Three weeks of paid vacation to recharge, travel, or simply enjoy more life outside of work (note that paid vacation is for salaried employees only)

Work Environment (Vancouver)

A modern hybrid model -- collaborate in our Vancouver office Tuesday-Thursday, with flexibility the rest of the week Casual, comfortable attire so you can bring your best self to work without the suit-and-tie Access to an onsite, fully equipped gym to make wellness part of your workday
We value diverse perspectives and believe that skills can be developed. If you're passionate about this role, we want to hear from you -- whether you meet every criteria or not. Your unique experiences might be exactly what we need!


IREN is an equal opportunity employer that is committed to creating an inclusive workplace. We are committed to evaluating qualified applicants and do not discriminate against protected characteristics under applicable legislation. This job will remain posted until filled. While we appreciate all applications we receive, we are only able to contact candidates under consideration.


By applying for this position and submitting your resume and application materials, you consent to the processing of your personal information in accordance with our Job Applicant Privacy Statement available on our website at www.iren.com.