Cybersecurity GRC Analyst
Tasks
- Assess and document cybersecurity risks from vulnerabilities incidents third party findings and control gaps
- Conduct third-party cybersecurity risk assessments
- Coordinate cybersecurity audits evidence collection and remediation tracking
- Develop cybersecurity dashboards KRIs and KPIs
- Facilitate tabletop exercises
- Maintain cybersecurity policies standards controls
- Maintain enterprise cybersecurity risk register and risk ratings
- Monitor recurring control failures and systemic weaknesses
- Oversee SAST DAST scanning and remediation effectiveness
- Oversee controls protecting sensitive data PII and PHI
- Oversee privileged access and identity certification reviews
- Oversee security exceptions and risk acceptance
- Perform threat modeling and validate secure coding practices
- Report cybersecurity risks and security posture to senior leadership
- Review application risks including identity and access management API security and third party dependencies
- Review incident reports validate root cause analysis and corrective actions
- Support data classification and data loss prevention initiatives
- Support phishing simulations and security awareness initiatives
- Track remediation commitments and risk acceptance documentation
- Track vulnerability remediation and escalate overdue critical items
Perks/Benefits
- Bonus program
- Continuous in house learning
- Hybrid work environment
- Paid professional development
- Pension plan
- Spending account
- Wellness program
Skills/Tech-stack
API Integrations | API Security | Access Management | Audit management | Automation | Cause analysis | Conditional Access | Cybersecurity frameworks | DAST | Data Classification | Data Loss Prevention | Data loss | Governance Risk | Governance risk compliance | Graph API | Identity and Access Management | Identity and access | Identity governance | Incident Management | Information security | Key Performance Indicators | Key Risk Indicators | Loss prevention | Microsoft Graph | Microsoft Graph API | Mitre Attack | PII | Performance indicators | Phi | Playbooks | Policy Development | Privileged Access | Privileged Access Management | REST | Residual Risk | Risk Assessment | Risk Management | Risk compliance | Risk indicators | Risk register | Root Cause Analysis | Root cause | SAST | SIEM | SOAR | Secure Coding | Security Architecture | Security controls | Third Party | Third-Party Risk | Third-party risk management | Threat modeling | Vulnerability Management | XDR | Zero Trust
Related jobs
-
Sr. Blue Team Analyst CAD 191K-191KDetection engineering | Event management | Event triage | Incident Response | Log MonitoringMentoring opportunities | Ongoing training | Remote workSenior-level Full TimeCanada R2d ago
-
Information Security Officer USD 148K-200KAPI Security | AWS | AWS Config | AWS Well Architected | AWS Well-Architected Security PillarPeriodic travel | Remote workSenior-level Full TimeRemote (United States); Canada R2d ago
-
Information Security Engineer / Ingénieur en Sécurité de l'Information | North America (EST) /Amérique du Nord (EST) CAD 105K-145KAWS | Browser Extension | Browser extension security | CASB | Cloud SecuritySenior-level Full TimeCanada R2d ago
-
Security Operations Analyst CAD 75K-95KAntivirus | Behavior analytics | Change Management | Computer Emergency Response | Computer SecurityFlexible work environment | Generous time off | Global days of service | Health benefits | Meeting-free daysMid-level Full TimeRemote Canada; Vancouver, British Columbia, Canada R2d ago
-
Security SOC Analyst - Remote CAD 70K-90KAbnormal Security | Access Management | Conditional Access | CrowdStrike | Dark WebESOP | Employee benefits | Learning and development | Parental leave | Remote workMid-level Full TimeCanada, Canada R6d ago
-
AWS | Alert triage | Authentication | Azure | Cloud ComputingEmployee networks | Limited travel opportunity | Paid adoption leave | Paid parental leave | Professional development opportunitiesMid-level Full TimeCAN ON Remote, Canada R6d ago
-
Access Controls | Audit Readiness | Automation | Data Analysis | Data PrivacyFlexible work policy | In-person events | Remote workSenior-level Full TimeCanada - Remote (ON, AB, BC, … R6d ago
-
Security Operations Specialist CAD 70K-110KAWS | Access Management | Authentication Review | Cloud Security | DASTCo-working access | Health and wellness benefits | Learning allowance | Phone and internet subsidy | Remote workMid-level Full TimeToronto, ON Hub R7d ago
-
AWS | Application Security | Cloud Security | DLP | EDRHealth coverage | Home office stipend | Inclusive culture | Parental leave | Professional development budgetMid-level Full TimeCanada R8d ago
-
Security Engineer CAD 120K-151KAccess Control | Access Management | Authentication | Azure Security | CI/CDFlexible vacation | Flexible work options | Hackathons | Mentorship programs | Recognition programsSenior-level Full TimeRemote, Canada R8d ago
-
Information Security Analyst CAD 75K-95KAWS | Access Management | Alert triage | Authentication | AzureFlexible vacation | Flexible work options | Hackathons | Kinaxis Days | Mentorship programsMid-level Full TimeRemote, Canada R14d ago
-
Cyber Security Intern/Co-op (Fall 2026) CAD 45K-74KApplication Security | Automation | Cloud Security | Cyber Security | Data Loss PreventionHybrid work model | Mentoring programs | Online learning platform | Paid time off | Training and onboardingEntry-level Full Time Internship120 Bremner Blvd, Toronto, Ontario, Canada R17d ago
-
Information Security Analyst (1-Year Contract) CAD 68K-104KAntivirus | Cause analysis | Detection Systems | Development Lifecycle | EncryptionMid-level ContractToronto, ON - Remote R20d ago
-
Governance, Risk and Compliance (GRC) Analyst CAD 80K-110KAudit Support | Business Continuity | Compliance | Data Protection | GovernanceCollaborative environment | Comprehensive benefits | Flexible work arrangements | Growth opportunitiesMid-level Full TimeOttawa, ON (Remote) R1mo ago