GRC Analyst

About Us

Ritchie Bros. (NYSE and TSX: RBA) is a global asset management and disposition company, offering customers end-to-end solutions for buying and selling used heavy equipment, trucks and other assets in numerous industries including construction, transportation, agriculture, energy, oil and gas, mining, and forestry. Our mission is to create compelling business solutions for the world's builders to easily and confidently exchange equipment. Learn more about us at: https://www.ritchiebros.com/

About The Team

Our Technology teams work collaboratively from different locations across the world on multiple eCommerce sites, mobile applications, and automated online auctions. We encourage and celebrate technical innovation and work with some of the industry’s leading technologies and tools.

Every day your work will make a difference in the way we run our business and the in the way customers interact with us.

Job Description

We are looking to hire a GRC Analyst with an analytical mind and a detailed understanding of compliance and audit methodologies. As a Risk & Compliance Analyst, you will be responsible for conducting risk assessments, developing risk management plans, and monitoring compliance with internal policies and external regulations. You will also be responsible for analyzing data, identifying potential risks, and making recommendations for risk mitigation. Additionally, you will play a key role in evaluating and implementing new processes and systems to enhance risk management and compliance efforts.

Responsibilities

Drive the development of and execute risk-based internal controls that clearly define the objective and scope of each risk and control matrix, employing critical thinking and appropriate self-assessment/operating effectiveness testing methodologies.

Perform the evaluation and design of internal controls and make recommendations for improvement

Partner and liaise with internal and external auditors to plan and implement an assessment of the control environment, coordination of timing and execution of process walkthroughs, and a process for timely sharing of potential issues for resolution with respect to internal controls

Provide recommendations to implement and improve controls, processes, and procedures to ensure Information Security compliance and achievement of operating effectiveness.

Responsible for the documentation and maintenance of all business process maps, data lineage, process narratives, control descriptions, and risk and control matrices to ensure accuracy, timeliness, and completeness of information.

Managing and analyzing incoming cyber risks for all departments of the organization, preparing risk reports and ensuring actions are documented and delivered, Tracking and monitoring risk activities, notifying action owners, and escalating where required, ensuring risks and remediation plans are regularly addressed.

Work closely with business unit teams to ensure proper and timely remediation of Information Security controls

Prepare updates to management, including management control remediation plans

Develop processes and policies for reporting findings

Qualifications

A degree in computer science, IT, systems engineering, MIS or related qualification

4-5 years of compliance, risk, audit and/or consulting experience