Cybersecurity GRC Analyst
Tasks
- Assess and document cybersecurity risks from vulnerabilities incidents third party findings and control gaps
- Conduct third-party cybersecurity risk assessments
- Coordinate cybersecurity audits evidence collection and remediation tracking
- Develop cybersecurity dashboards KRIs and KPIs
- Facilitate tabletop exercises
- Maintain cybersecurity policies standards controls
- Maintain enterprise cybersecurity risk register and risk ratings
- Monitor recurring control failures and systemic weaknesses
- Oversee SAST DAST scanning and remediation effectiveness
- Oversee controls protecting sensitive data PII and PHI
- Oversee privileged access and identity certification reviews
- Oversee security exceptions and risk acceptance
- Perform threat modeling and validate secure coding practices
- Report cybersecurity risks and security posture to senior leadership
- Review application risks including identity and access management API security and third party dependencies
- Review incident reports validate root cause analysis and corrective actions
- Support data classification and data loss prevention initiatives
- Support phishing simulations and security awareness initiatives
- Track remediation commitments and risk acceptance documentation
- Track vulnerability remediation and escalate overdue critical items
Perks/Benefits
- Bonus program
- Continuous in house learning
- Hybrid work environment
- Paid professional development
- Pension plan
- Spending account
- Wellness program
Skills/Tech-stack
API Integrations | API Security | Access Management | Audit management | Automation | Cause analysis | Conditional Access | Cybersecurity frameworks | DAST | Data Classification | Data Loss Prevention | Data loss | Governance Risk | Governance risk compliance | Graph API | Identity and Access Management | Identity and access | Identity governance | Incident Management | Information security | Key Performance Indicators | Key Risk Indicators | Loss prevention | Microsoft Graph | Microsoft Graph API | Mitre Attack | PII | Performance indicators | Phi | Playbooks | Policy Development | Privileged Access | Privileged Access Management | REST | Residual Risk | Risk Assessment | Risk Management | Risk compliance | Risk indicators | Risk register | Root Cause Analysis | Root cause | SAST | SIEM | SOAR | Secure Coding | Security Architecture | Security controls | Third Party | Third-Party Risk | Third-party risk management | Threat modeling | Vulnerability Management | XDR | Zero Trust
Related jobs
-
Security SOC Analyst - Remote CAD 70K-90KAbnormal Security | Access Management | Cloud Security | Conditional Access | CrowdStrikeEmployee share options | Learning and development opportunities | Parental leave | Remote work | WFH expense budgetMid-level Full TimeCanada, Canada R6h ago
-
Cyber Security Analyst - Remote CAD 100K-105KAccess Management | Azure | CIS Critical Security | CIS Critical Security Controls | Cause analysisFlexible hours | Meeting-free Friday afternoons | Remote work | Work-life balanceMid-level Full TimeAlberta, Canada R1d ago
-
SAP Security Analyst & SAP Junior Security Analyst CAD 66K-100KAccess Management | Audit Support | Content Management | Content Management Systems | DocumentumEntry-level Full TimeEdmonton / Remote Across Alber, AB R7d ago
-
Cyber Security Operational Technology Senior Analyst CAD 90K-122KAccess Security | Compensating Controls | Control Systems | Cyber Security | DCSHybrid work | Remote FridaysSenior-level Full TimeCalgary, AB, CA, T2P 1G1 R7d ago
-
Senior GRC Analyst EUR 72K-110K800-53 | AI Governance | AI RMF | AWS | Audit evidenceDocker swag | Equity | Flexible work schedule | Holiday benefits | Home office setupSenior-level Full TimeCanada R8d ago
-
GRC Analyst CAD 86K-120KAML | ATF | Audit Readiness | AuditBoard | AutomationEmployee resource groups | Hybrid work flexibility | Learning and development opportunities | Purpose-driven workMid-level Full TimeCanada, Remote R13d ago
-
Canada- Security Analyst I CAD 87K-94KAPI Integration | Access Control | Access Management | Active Directory | Alert TuningMid-level Full TimeRemote or Mississauga R14d ago
-
Information Security Officer USD 148K-200KAPI Security | AWS | AWS Config | AWS Well Architected | AWS Well-Architected Security PillarPeriodic travel | Remote workSenior-level Full TimeRemote (United States); Canada R22d ago
-
Security Operations Analyst CAD 75K-95KAntivirus | Behavior analytics | Change Management | Computer Emergency Response | Computer SecurityFlexible work environment | Generous time off | Global days of service | Health benefits | Meeting-free daysMid-level Full TimeRemote Canada; Vancouver, British Columbia, Canada R23d ago
-
Security SOC Analyst - Remote CAD 70K-90KAbnormal Security | Access Management | Conditional Access | CrowdStrike | Dark WebESOP | Employee benefits | Learning and development | Parental leave | Remote workMid-level Full TimeCanada, Canada R26d ago
-
Security Engineer CAD 120K-151KAccess Control | Access Management | Authentication | Azure Security | CI/CDFlexible vacation | Flexible work options | Hackathons | Mentorship programs | Recognition programsSenior-level Full TimeRemote, Canada R28d ago
-
Information Security Analyst CAD 75K-95KAWS | Access Management | Alert triage | Authentication | AzureFlexible vacation | Flexible work options | Hackathons | Kinaxis Days | Mentorship programsMid-level Full TimeRemote, Canada R1mo ago
-
Information Security Analyst (1-Year Contract) CAD 68K-104KAntivirus | Cause analysis | Detection Systems | Development Lifecycle | EncryptionMid-level ContractToronto, ON - Remote R1mo ago