Cybersecurity Administrator providing operational support for compliance activities in information security. Assisting vendor risk management, audit coordination, and vulnerability tracking.
Responsibilities
Manage inbound security questionnaires/RFIs and coordinate inputs across IT, Legal, Engineering, and other stakeholders
Maintain and continuously improve a centralized library of standardized, policy-aligned security responses
Track questionnaire/RFI status, deadlines, and follow-ups to ensure accurate, on-time delivery
Support the end-to-end third-party vendor risk lifecycle, including onboarding, periodic reviews, and offboarding
Conduct vendor security risk assessments using established frameworks and questionnaires (e.g., SIG, CAIQ, custom templates)
Maintain the vendor risk register, including risk ratings, evidence requests, remediation actions, and review schedules; escalate high-risk findings
Coordinate audit readiness activities (e.g., SOC 2 Type II, TISAX, internal audits), including continuous evidence collection and audit calendars
Serve as a point of contact during audit fieldwork by scheduling walkthroughs, gathering artifacts, and tracking auditor requests
Track audit findings and management responses and follow remediation commitments through closure; help update control narratives, policies, and procedures
Monitor and track vulnerabilities (scans, penetration tests, threat intel), maintain the vulnerability register, drive follow-ups, and produce status reporting.
Requirements
Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field — or equivalent practical experience
1–2 years of experience in information security, IT compliance, risk management, or a related discipline
Familiarity with common compliance frameworks and standards such as SOC 2, ISO 27001, TISAX, NIST, or similar
Strong organizational skills with the ability to manage multiple workstreams, deadlines, and stakeholders simultaneously
Excellent written and verbal communication skills — able to translate technical concepts for non-technical audiences
Detail-oriented with a structured, process-driven approach to work
Proficiency in standard productivity tools (Microsoft 365, Google Workspace) and experience with spreadsheets and tracking tools
Entry-level security certification or active pursuit thereof: CompTIA Security+, CC (ISC²), or equivalent
Understanding of cloud security concepts (AWS, Azure, or GCP environments)
Understanding / Experience supporting external audits or regulatory examinations.
Security Developer coordinating vulnerabilities and malware issues for the Python Software Foundation. Collaborating with teams to enhance security practices and document threat models.
Presales Security Expert supporting sales leads and educating customers on security at Fortinet. Responsible for technical resource during sales calls and post - sales training.
IAM Director managing customer - facing identity and access management security programs at RBC. Assessing risks, developing controls, and ensuring compliance with standards and regulations.
Lead AI Red Team focusing on adversarial testing and security for enterprise - scale AI systems. Collaborate with engineering and compliance to map vulnerabilities and document findings.
Intern in operational security at Investissement Québec, supporting security alert management and vulnerability tracking in a supervised learning environment.
IT Information Security Lead at Mirego, responsible for technology and information security management. Overseeing compliance and IT strategies while maintaining operational efficiency.
Cybersecurity Specialist focusing on offensive security for Exposant 3. Performing penetration testing, security audits, and team knowledge transfer in a hybrid work setup.
Financial security advisor in life and health insurance, developing and maintaining client relationships. Selling insurance products and assessing customer needs to provide personalized solutions.
Senior Security Engineer designing and maintaining Microsoft 365 security solutions at ResMed. Focusing on compliance, incident response, and collaboration with global teams.
Senior Infrastructure professional solving practical security challenges and improving enterprise systems security at Confluence. Focused on implementation, remediation, and secure operations across Windows and Linux environments.