Principal Risk and Compliance Analyst

Posted 12 Days Ago
Hiring Remotely in Canada
Remote
Expert/Leader
Software • Web3
The Role
Lead the compliance efforts at CoLab, managing audits across multiple certifications while engaging with stakeholders and developing policies for security and compliance.
Summary Generated by Built In

About CoLab

At CoLab, we want to help mechanical engineering teams bring life-changing products to market years sooner.

CoLab is a cloud-based platform for engineering design review. We make it easy for subject matter experts (SMEs) across your business to access, evaluate, and comment on 2D drawings and 3D models. Our built-in AI peer checker, AutoReview, scans designs for common errors or non-compliance with your standards and guidelines. AutoReview creates markups and comments on your files, in context – just like a human checker.

With CoLab, human SMEs and AI work together to help you make better decisions and improve designs faster. We automatically capture knowledge from across your global business that would otherwise be buried in emails, spreadsheets, slide decks, and unknown locations in SharePoint or PLM. Then, we make sure every lesson learned and every design guideline is applied exactly when it matters.

Companies like Johnson Controls, Komatsu, Schaeffler, and Polaris have launched products 40% faster, cut BOM costs by 50%, and reduced quality escapes by 15% in 1 year.


About the Role

This is a mission-critical role for someone who thrives on ownership, complexity, and getting things done. As our Principal Risk and Compliance Analyst, you’ll be CoLab’s senior-most compliance lead—responsible for managing multiple concurrent audit and certification streams while also laying the groundwork for new ones, particularly as we expand into defense and international markets.

You’ll report into our Director of Risk and Compliance and step in to lead all net-new compliance efforts: from scoping and implementing EU frameworks, to advancing our defense-readiness, to participating in customer calls and managing end-to-end audit cycles. This is a hands-on, high-accountability role that directly supports sales, security, and executive stakeholders.

If you have deep expertise in risk and compliance, especially in regulated industries like defense, and want to own and scale an entire program, this role is for you.


Our Ideal Candidate

You're a senior compliance professional with a background in security, risk, and regulatory frameworks. You’ve led audits for complex certifications in the past. You can confidently navigate conversations with auditors, customers, and executives alike. You know how to manage multiple workstreams without losing sight of the details.

You’re not looking to just “maintain compliance.” You want to build something. You know what right looks like and aren’t afraid to roll up your sleeves to get there—whether that’s writing policy from scratch, configuring a GRC tool, or jumping on a customer call to walk through our controls.

This role requires Canadian citizenship due to the sensitivity of the information involved.


Job Responsibilities:

  • Lead end-to-end audit management across multiple certifications and frameworks including SOC 2 Type II, TISAX, FedRAMP, CPCSC, CCCS (Medium), and three ISO certifications—with EU and defense requirements on deck.
  • Act as CoLab’s internal compliance authority and primary liaison to external auditors, assessors, and customer security teams
  • Participate in sales cycles by completing security questionnaires, documentation packages, and customer calls
  • Manage risk assessments and reviews, maintain risk registers, and recommend mitigations to business and technical leaders
  • Drive policy development and refinement across security and compliance programs
  • Build automation into our compliance workflows (using tools like Vanta and others) to increase audit readiness and reduce manual effort
  • Own and update GRC tooling, controls documentation, evidence gathering, and internal compliance training

Qualifications

  • 10+ years of experience in risk, compliance, or security programs within B2B software, with a strong preference for defense sector or regulated industry experience
  • Demonstrated experience owning and completing audits such as SOC 2 Type II, ISO 27001, FedRAMP, and/or similar
  • Strong knowledge of GRC platforms (e.g., Vanta, OneTrust) and experience configuring automation or workflows
  • Exceptional written and verbal communication skills with the ability to speak credibly with auditors, sales teams, engineers, and executives
  • Ability to read, interpret, and implement complex frameworks and policies from multiple jurisdictions (Canada, US, EU)
  • Experience supporting high-stakes sales processes with timely and accurate security documentation
  • Ability to work independently, manage competing priorities, and drive programs forward without micromanagement
  • Canadian citizenship is required for this role

Extra Details

Compensation: This is a full-time, permanent position with a competitive compensation package that includes a stock options package

Benefits: Extended health and benefits, unlimited paid vacation, and RRSP matching

Remote/Hybrid Work: Our main office is in St. John’s, NL. This role can be done remotely from anywhere in Canada


Equity Note

Frequently cited statistics show that people who identify with historically marginalized groups are likely to apply to jobs only if they meet 100% of the qualifications. We encourage you to help us break that statistic and apply even if you don’t meet every single qualification—your potential is what matters most to us.

Top Skills

GRC Platforms (Vanta, OneTrust)

The Company
91 Employees
Year Founded: 2017

What We Do

Engineers need better tools for working together. CAD and PLM systems aren’t built for the design conversations where collaboration truly happens. So engineers go outside of them, using emails and slideshows to get the job done. But when these critical design discussions live in siloed, manual tools, you’re missing vital insights on why engineering decisions are being made, what needs to improve, and how to steer your people in the right direction.

After struggling with the traditional email, PowerPoint, and screenshot-driven collaboration process used by over 90% of manufacturing teams today, our founders made a decision: if better tools didn’t exist, they’d build them. And so CoLab began.

CoLab is a web-based collaboration tool that lets your team share CAD, provide feedback with full mechanical context, and capture the critical design data that your other systems don’t—giving you a design review and collaboration process that’s standardized, simplified, and twice-as-fast.

Today CoLab is trusted by Fortune 500 companies like Johnson Controls and Hyundai Mobis, who use the platform to accelerate design cycles by 51%, drive continuous improvement, and reduce product costs and changes.

See how we’re changing the way engineers work together at www.colabsoftware.com
