Security and Compliance Associate at Habitat Learn, an EdTech company focused on accessibility. Supporting compliance and security operations for multiple frameworks in a remote role based in Ontario.
Responsibilities
Support ongoing compliance activities across SOC 2, ISO 27001, HIPAA, HECVAT, and TX-RAMP
Collect, organize, and maintain audit evidence and security documentation
Help draft and maintain security policies, procedures, and internal standards
Complete security questionnaires and HECVAT submissions for institutional procurement
Maintain a compliance tracker and support audit readiness activities
Review findings from the Humber Digital Tech Hub cybersecurity assessment
Track remediation tasks and help coordinate follow-up with engineering and leadership
Support updates to the risk register and documentation of control gaps and resolutions
Act as an internal coordinator for progress tracking and reporting
Support user access controls, provisioning, and offboarding processes
Assist with vendor security reviews and BAA tracking
Help coordinate internal security awareness and training activities
Support Apple device management processes (MDM, Apple Business Manager)
Support responses to customer security reviews and procurement due diligence requests
Assist in preparing compliance and security status updates for leadership
Stay informed on relevant privacy and data protection regulations (FERPA, PIPEDA, etc.)
Requirements
Recent graduate (within 1–2 years) of a diploma or degree in Cybersecurity, Protection & Security Investigation, IT Security, Network Security, or a related field
Ontario institutions such as Humber Polytechnic, Seneca Polytechnic, George Brown College, or equivalent programs are strongly welcomed
Coursework in cybersecurity frameworks, risk management, or privacy law is an asset
Strong attention to detail and highly organized approach to documentation
Clear written communication skills (policy writing and institutional responses are key parts of the role)
Comfortable working independently in a fast-paced, evolving environment
Curious about security and privacy, with an interest in understanding underlying systems (not just processes)
Ability to manage multiple priorities and stay structured in a startup setting
Exposure to frameworks such as SOC 2, ISO 27001, NIST, HIPAA, or similar is a nice to have
Familiarity with Apple device management or enterprise IT environments
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.