Security Governance, Risk and Compliance Analyst

Are you passionate about cybersecurity and risk management? Our client is building out their security team and is adding a Security Governance, Risk & Compliance (GRC) Analyst!  This exciting opportunity requires a skilled professional to help enhance their cybersecurity maturity, develop risk management strategies, and drive compliance initiatives.

Responsibilities
As a GRC Analyst, you will:

• Use CIS and NIST Cybersecurity frameworks to assess and enhance security maturity levels.
• Develop and implement a cybersecurity risk management program, including threat assessments and reporting.
• Establish security policies, standards, and guidelines to improve governance and risk mitigation.
• Oversee compliance with audit recommendations and track risk remediation efforts.
• Support vulnerability management by documenting and monitoring residual risks.
• Consult with business units to define and implement security solutions for projects.
• Educate, mentor, and provide leadership to junior staff.

Qualifications

• A degree or diploma in Information Security, Risk Management, or a related field.
• 4+ years of experience in Security GRC, IT audit, or IT risk management.
• Expertise in IT governance, risk assessment, compliance auditing, and security controls.
• Preferred certifications: CISSP, CISA, CRISC, or equivalent.
• Strong business writing, communication, and interpersonal skills.
• The ability to manage multiple tasks, innovate, and adapt to new technology quickly.
• Familiarity with security frameworks and tools, including:
  • CIS, NIST, COBIT, COSO
  • Risk Assessment & Management Software (RSA Archer, ServiceNow, Ivanti GRC)
  • Third-Party Risk Management
  • Vulnerability & Patch Management
  • Compliance & Audit tools

David Aplin & Associates Inc., operating as Aplin, and its associated brands, CompuStaff and Impact Recruitment, is an award-winning employment agency connecting diverse, top-tier talent with exceptional organizations across North America. We welcome applicants from all backgrounds and charge no fees to apply or engage with our recruiters. Our clients partner with us to help expand and diversify their teams. Please note that all applicants must be legally entitled to work in Canada, including holding any necessary work permits.