Governance, Risk & Compliance Analyst
Artificial Intelligence. Actual Impact.
At Docebo, we’re using AI to change how people learn at work—and we mean actually change it. We’re an AI-powered learning platform that helps organizations create, deliver, and manage training all in one place. But our real mission goes deeper: we help teams move faster, work smarter, and focus on the work that truly matters. Our platform is built with intelligent, time-saving tools that personalize learning, eliminate busywork, and turn training from a checkbox into a superpower. The result? Better experiences for learners and real results for businesses.
We’re shaping the future of learning with a team that isn’t afraid to challenge the status quo. If you're excited by the idea of using AI to make work-life better for real people, you’ll feel right at home here. And it’s not just what we build, it’s how we show up. At Docebo, our values aren’t just posters on the wall—they guide how we work every day. We call it the Docebo Heart: trust by default, assume positive intent, and create space for different perspectives to thrive.
So… what are you waiting for? Join 900+ Docebians around the world and help us reinvent the way people learn, because learning never stops.
The Governance, Risk & Compliance Analyst is a key contributor to Docebo's security and compliance program. This role supports the development and maintenance of our security framework, helping to ensure the company meets its regulatory obligations and effectively communicates its compliance standing to both internal and external stakeholders.
Working under the guidance of senior team members, this individual will assist in various governance, risk, and compliance activities. The role involves collaboration with teams across the organization, including Sales and Legal, to help address customer inquiries related to security and compliance. This position offers an opportunity to grow and learn within a dynamic security environment, contributing to the continuous improvement of our control environment.
Primary responsibilities, including but not limited to:
The responsibilities listed in this section are representative and not exhaustive. Additional duties may be assigned as needed.
Support Governance and Policy Management: Assist in the creation and maintenance of cybersecurity and privacy policies, standards, and control frameworks to help align with key industry regulations (e.g., PCI DSS, ISO 27001, SOC 2) and business goals.
Contribute to Risk Assessments: Participate in cybersecurity risk assessments across the organization by helping to identify and document potential risks. Support the monitoring and tracking of risk treatment plans under the supervision of senior GRC team members.
Assist with Audit Support: Provide support for internal and external audits (e.g., ISO 27001, SOC 2, PCI DSS) by gathering evidence, helping to coordinate with internal teams, and assisting in the management of audit-related tasks.
Aid in Vendor Risk Assessment: Assist the GRC team in evaluating the risks associated with third-party vendors by supporting the monitoring of their security controls and helping to maintain risk management reports.
Maintain Documentation and Reporting: Help maintain clear and organized documentation of compliance activities, including risk assessments, the risk register, the control inventory, and audit evidence. Assist in preparing reports on the GRC program's status for management.
Facilitate Cross-functional Collaboration: Work with various departments to support the implementation of security controls and help align compliance and security efforts with business objectives, guided by the GRC team.
Handle Customer Inquiries: Respond to customer security and privacy inquiries by helping to complete compliance questionnaires and contributing to RFIs and RFPs, ensuring that information is accurate and delivered in a timely manner to support the sales process.
What it takes to be successful:
To succeed as a Governance, Risk & Compliance Analyst, you should have a foundational understanding of security and compliance concepts and a strong desire to learn and grow in the field. A detail-oriented and organized approach is essential for supporting audits and managing documentation. Good communication skills are important, as you will be collaborating with different teams and assisting with customer inquiries. A proactive mindset and the ability to work effectively as part of a team will be key to your success in this role.
Education and Experience:
Typically 3+ years of relevant work experience.
Working experience in IT Risk Management, Governance, or a similar Information Security role.
Experience supporting the development of security policies, risk assessments, or internal/external audit cycles for a SaaS company.
Familiarity with information security principles, trends, and best practices, particularly in cloud environments (e.g., AWS, Azure, GCloud).
Knowledge of GDPR requirements and other data privacy laws (e.g., CCPA, PIPEDA).
Knowledge of ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27701, ISO 9001, SOX, DORA, NIST CSF, and AICPA/ISAE 3000 SOC 2 & PCI DSS.
Familiarity with the FedRAMP framework.
Our Hybrid Work Philosophy 🤝
Great work can happen anywhere but coming together helps us go further. Our team spends three days a week in the office (Tuesday-Thursday) to collaborate, solve problems, and learn from each other. With flexibility the rest of the week, it’s a balance designed to help everyone do their best work and keep growing.
Our Total Rewards Philosophy 🎉
Our Total Rewards Philosophy centers around three core areas to reward and care for our People:
Rewarding Impact: We lead with competitive pay to reward the impact, skills and traits that fuel our success.
Fostering Holistic Wellbeing: We care deeply about and invest in the whole person with programs that support our people’s physical, mental, and financial well-being.
Empowering Our Talent Culture: We build a culture of trust and empowerment by designing our rewards and benefits with transparency, equity, and flexibility, enabling our people to do their best work and stay for the long haul.
Our Promise to You 😍
Financial Wellness: Own a piece of Docebo through our Employee Share Purchase Plan (ESPP) at a 15% discount, plus a competitive compensation package.
Your Well-Being, Covered: You’ll get access to health benefits, so you can get the care you need when you need it.
Rest, Relax, Repeat: Rest and recharge with paid vacation days, two company-wide Docebo Days, floating holidays for cultural celebrations, and your birthday off!
Family First: We provide coverage offering you time with your little one(s) so you can soak up all those precious moments. Fun fact: we had 30 Docebian babies join the family in 2025!
Connections That Count: Connect with global communities through our Employee Resource Groups (including PRIDE, DWA, BIDOC, and Green Ambassadors) and company-wide events that keep the fun rolling all year long.
About Docebo 💙
At Docebo, we create seamless, AI-powered learning experiences for over 3,000 customers worldwide. We have successfully achieved two IPOs (TSX: DCBO & NASDAQ: DCBO), been recognized as a top SaaS e-learning solution, and are growing exponentially in the process. We're a global company, with offices across North America, EMEA, APAC, and beyond. Our team is guided by six core values—Innovation, Simplicity, Accountability, Togetherness, Curiosity, and Impact—that shape everything we do. If this resonates with you, now is the perfect time to join one of the fastest-growing learning technology companies in the world.
Docebo is an Equal Employment Opportunity employer. We are committed to diversity and inclusion in our workforce. All qualified applicants and employees will receive consideration for employment regardless of their race, colour, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, citizenship status, age, disability, genetic information, or any other category protected under applicable law.
As a federal contractor, Docebo is committed to the principles of affirmative action and equal employment opportunity for protected veterans and individuals with disabilities. Docebo does not discriminate because of protected veteran status or on the basis of disability, and Docebo takes affirmative action to employ and advance in employment qualified protected veterans and individuals with disabilities.
Any individuals who require a reasonable accommodation or would like to voluntarily disclose a disability or protected veteran status to assist with their employment application should send an e-mail to recruiting_accommodations@docebo.com. The email should also include the position you’re interested in.