Information Security Analyst conducting audits and managing IT security risks for EllisDon. Supporting compliance activities and contributing to GRC program initiatives.
Responsibilities
Conduct IT audits, collect and validate evidence to support GRC program and audit readiness
Support identification, assessment, and tracking of IT/cyber risks; maintain the enterprise risk register and remediation lifecycle
Perform risk assessments for systems, projects, and vendors; support ongoing third-party compliance activities
Contribute to GRC program operations (policies, standards, procedures, exception tracking, evidence workflows)
Support remediation of risks, control gaps, and audit findings across teams
Partner with IT (Service Delivery, Operations, DevOps) to enable secure system and solution implementation
Support security awareness program, including training, reporting, and modern threat simulations (phishing, social engineering, AI-driven attacks)
Support compliance across SOC 2, NIST, ISO 27001, and CMMC / CPCSC / ITSP, ensuring consistent control implementation
Contribute to key GRC initiatives, including risk maturity, audit readiness, vendor compliance, and standardization of security requirements across the organization
Requirements
Strong interpersonal, oral, and written communication skills
Post-secondary education in IT, Information/Cyber Security, or relevant experience
Experience in Information/Cyber Security, GRC, or Risk Management
Hands-on experience supporting risk assessments, audits, compliance, or vendor reviews
Strong analytical and technical problem-solving skills
Ability to work independently, self-start, and quickly learn new tools and systems
Industry certifications (e.g., CISSP, CEH, CISA, Security+) considered an asset
Working knowledge of NIST Cybersecurity Frameworks
Familiarity with industry standards (CIS, SOC2 Type II, ISO) and CMMC / CPCSC or similar frameworks
Hiring a Cyber Security Analyst for a full - time onsite role in Toronto, ON. Requires 6+ years experience in cybersecurity, AI security, SOC, and cloud security.
Manage and ensure secure production and development environments as a Security Analyst. Analyze incidents, maintain security systems, and collaborate with teams and vendors.
IT Security Analyst responsible for advanced analysis of security incidents and supporting SOC operations in Canada. Collaborating with teams to improve detection capabilities and utilizing AI.
IAM Governance & Control Analyst contract role with a financial institution in Toronto. Focus on documenting and improving IAM processes and governance.
Security Analyst protecting systems, networks, and data at StarTech.com. Involved in vulnerability assessments, compliance initiatives, and security monitoring.
Information Security Analyst needed for a security transformation project, modernizing policies and integrating Palo Alto with Entra ID for a top financial client.
Hiring Intermediate Security Specialist for 4 - month contract in Toronto, ON. Must have 5+ years cybersecurity experience and relevant certifications.
Defensive Security Analyst responsible for identifying, analyzing, and mitigating threats to Desjardins's systems and networks. Engaging in continuous monitoring and risk assessment to ensure robust security posture.