Sr Governance, Risk & Compliance Consultant

Status: Permanent Full Time

Education Level: completion of 4 years of University in computer science.

Base Location: Oshawa, ON

Shift: Days

Travel: 10%

Deadline to Apply: July 10, 2026

Salary Range: $2,751.92 - $3,227.88 Per Week

Electrify your career and help build a brighter tomorrow.

Every generation has a challenge that defines them. At OPG, we are calling on all innovators, disruptors, thought leaders and change-makers. Join us as we work to electrify life in one generation and build a sustainable future powered by our electricity, our ideas, and our people. Join OPG and make history.

Whether you work in the skilled trades or are a business professional, a career at OPG is an opportunity to electrify your life on -- and off -- the job.

JOB OVERVIEW

Ontario Power Generation (OPG) is looking for a dynamic, strategic and results-driven professional to join our team in the role of Senior Governance, Risk & Compliance Consultant.

Reporting to the Section Head, Information Systems, this position is responsible is responsible to lead and conduct cybersecurity assessments, policy gap analysis, and risk evaluations based on established frameworks such as NIST, ISO, and CIS, while advising business units and subsidiaries on governance, risk, and compliance best practices.

KEY ACCOUNTABILITIES 

• Responsible for creating, maintaining, and enforcing cybersecurity standards, policies, and procedures across the organization.
• Develops cyber governance frameworks that align with regulatory requirements, industry standards, and organizational risk objectives.
• Assesses compliance with established cyber standards and identifies gaps, risks, or areas requiring improvement.
• Assists in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Cyber Governance Security Program and initiatives. Provide advisory service to business units on governance, risk, and compliance best practices.
• Has experience working with GRC tools like ServiceNow IRM, Archer, etc. and helps develop and maintain risk registers and maintain GRC tools to provide oversight for the cybersecurity program
• Conduct various risk, gap, control, maturity, and compliance assessments based on established security frameworks including but not limited to NIST CSF, CIS, ISO 27001, ISF, CSA N290.7, NERC-CIP, etc.
• Perform Third party Cyber risk assessments by working with vendors and ensure adherence to Cybersecurity Terms and Conditions using a Risk based approach.
• Support ICFR activities, including control design assessment, operating effectiveness testing, evidence review, and remediation tracking to ensure compliance and risk mitigation

QUALIFICATIONS

• 4 Year University Degree in Computer Science is required.
• Minimum 6 years of relevant working experience.
• Demonstrated experience developing, maintaining, and enforcing cybersecurity policies, standards, procedures, and governance frameworks aligned with organizational risk objectives.
• Strong working knowledge of established cybersecurity frameworks and standards such as NIST CSF, CIS Controls, ISO 27001, ISF, CSA N290.7, NERC-CIP, and related regulatory or compliance requirements.
• Proven ability to perform risk, gap, control, maturity, third-party, and compliance assessments; identify findings; and recommend practical remediation actions to improve security posture.
• Experience using GRC or Integrated Risk Management tools such as ServiceNow IRM, Archer, or equivalent platforms to maintain risk registers, track issues, support reporting, and provide program oversight.
• Strong ability to partner with business, technology, cybersecurity, audit, regulatory, vendor, and executive stakeholders to support governance activities, policy adoption, risk remediation, and committee reporting.
• Experience developing KPIs, KRIs, executive or Board-level reports, control failure reporting, and program health reporting to support continuous improvement of cybersecurity governance, risk, and compliance programs.

The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.

OPG is committed to fostering an inclusive, equitable, and accessible environment. If you require accommodation during the selection process, please contact AODA@opg.com

What makes a career at OPG different?

With operations across Ontario, OPG is one of the most diverse power producers in North America. As the largest generator in Ontario, we meet approximately 50% of the province’s electricity needs, largely from low-carbon sources like nuclear and hydro. 

As we work to achieve our vision of Electrifying life in one generation, OPG and our family of companies are also helping advance the development of new low-carbon technologies such as Small Modular Reactors (SMRs), refurbishment projects, and electrification initiatives to help power the growing demands of a growing economy. Join OPG and make history.

Please submit your application online at https://jobs.opg.com/.  OPG thanks all those who apply; however, only candidates considered for an interview will be contacted.

Please note: All job postings at OPG are to fill existing vacancies within our organization. 

OPG may use artificial intelligence (AI) tools as part of the applicant screening process. However, applications will also be reviewed by a member of our Recruitment team to ensure a fair and thorough assessment.

The base salary range considers many factors including, but not limited to experience, education, and training, including any collective agreement requirements for union represented positions. It is not typical for the salary to be offered near the top of the range, and salary is dependent on numerous factors. For management roles, the base salary range does not represent the total compensation package. The total compensation package for regular full-time management roles includes pay-for-performance programs for annual and medium time periods. Maintaining a high-performance culture and excellence is a core expectation of every member of our leadership team and is rewarded through the established compensation framework.

OPG is committed to employment equity. As such, we encourage applicants from equity-seeking communities (Indigenous Peoples, racialized persons, persons with disabilities, and women). We strongly believe that alleviating the under-representation of equity-seeking individuals will create a stronger OPG team and allow us to better serve the needs of our diverse communities.

In order to fulfill the above-mentioned purpose, priority in hiring may be given to qualified persons who self-identify as a member of equity-seeking groups as identified in the application process. This initiative constitutes a special program under the Human Rights Code/Canadian Human Rights Act.