The Company

At Canopy Growth, our mission is clear: improve lives, end cannabis prohibition, and strengthen communities. We believe that cannabis can be a force for good. We’re building a consumer-centric organization that is focused on sharing the transformational potential of cannabis with the world. We will achieve this through an innovative and disruptive portfolio of cannabis and hemp-derived products.

With millions of square feet of licensed production capacity and operations spanning four continents, Canopy Growth is the world's leading cannabis and hemp company. We recognize that employees are at the core of our success, and we take pride in a corporate culture that emphasizes inclusiveness, collaboration, and diversity.

Our employees come from a wide range of backgrounds, each bringing their own unique skills and talents to the table, working together to continue our incredible momentum of growth. If you are interested in building global challenger brands, scaling a business, and working in a values-driven environment, we want to hear from you!

The Opportunity

Reporting to the IT Compliance Manager, the IT Compliance Analyst will assist with IT risk management and compliance related activities related to ITGC & ICFR within Canopy Growth, including its wholly owned subsidiaries. This individual will be a detail-oriented, self-starter who can work independently and possesses excellent communication and collaboration skills. This individual will have the ability to manage conflicting priorities and maintain a high-level of organization in their work.

Responsibilities

• Assist with the control processes to ensure Canopy’s compliance with ITGC and ICFR.

• Assist in the integration of acquired subsidiaries into Canopy’s ICFR\ITGC program

• Liaise with external resources as required to facilitate IT controls evaluation

• Liaise with internal resources as required to understand how changing business process impact core business systems to ensure controls are adequately considered

• Understand the overall IT environment and appropriately update process documentation

• Assist with the design of IT general controls and application controls and validate their effectiveness throughout the audit period

• Assist in identification of controls gaps and collaborate with IT process owners to ensure gaps are appropriately addressed

• Special projects as assigned

Experience

• University degree in Computer Science, related discipline, or equivalent experience.

• Minimum of 5 years of IT experience.

• Minimum of 3 years of compliance experience

• CISA or other relevant security-related designation(s) an asset.

• Significant knowledge of and experience (3+ years) with legal and regulatory compliance standards such as [ICFR, ITGC, SOX, GDPR, PCI-DSS, NIST CSF, etc.

• Experience (3+ years) with IT governance, risk, and compliance management.

• Excellent communication skills and the ability to collaborate effectively with all levels of the organization.

• Knowledge of computer networking concepts and protocols and network security methodologies.

• Knowledge of risk management processes (e.g. methods for assessing and mitigating risk).

• Knowledge of cyber threats and vulnerabilities.

• Knowledge of risk management processes.

• Knowledge of cyber threats and vulnerabilities.

• Knowledge of specific operational impacts of cybersecurity lapses.

• Proven verbal, written, presentation and communications skills with all levels of management.

Other Details

This is a full-time, remote position based in Ottawa, Canada.

#LI-Remote

We appreciate your interest, and promise to review all applications, but we will only be contacting those who best fit the requirements.

We welcome and encourage applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. If you require accommodation, please notify your Talent Acquisition Partner. Please note, the chosen applicant will be required to successfully complete background and reference checks.