GRC Analyst, Information security
$102.64k - $153.96k per yearFull-time
Bennett Jones
Ranked a Best Employer in Canada for 25 years, Bennett Jones is one of Canada’s premier business law firms and home to 500 lawyers and business advisors. With deep experience in complex transactions and litigation matters, and offices in Calgary, Edmonton, Montréal, Toronto, Vancouver and New York, the firm is well equipped to advise businesses and investors with Canadian ventures and connect Canadian businesses and investors with opportunities around the world. Serving clients since 1922, we are proud to be the firm that businesses trust with their most complex legal matters.
GRC Analyst, Information security
The Role
The information security GRC analyst, reporting to the Director Information Security GRC, will support the implementation and maintenance of the organization’s Governance, Risk, and Compliance (GRC) program, with a strong focus on third party security compliance, security governance, and internal controls. This role will contribute to maintaining a formally structured, risk-based security framework aligned with industry standards such as ISO 27001 and ISO 22301. The position requires a minimum of three years of information security experience in a similar position and excellent communication skills.
Essential Functions
- Oversee the cybersecurity compliance program for third parties, including:
- Managing requests from clients, prospects, auditors, cyber-insurers, or others, related to our security program, to ensure a timely and accurate response to security questionnaires and associated requests.
- Managing the compliance of the Firm's key IT vendors with information security, to ensure the initial security due diligence, annual security re-certification, and continuous monitoring of the vendors' security profile.
- Assist with the performance of important internal security processes and controls, including:
- Tracking status and following up with the person responsible to ensure key internal security tasks are conducted in time and as per the annual schedule.
- Maintain security dashboards, metrics, and reports as required for the team, the IT Department and senior management.
- Making suggestions and improving existing security standards and procedures.
- Conduct security tasks as required to maintain the Firm's ISO 27001 and ISO 22301 certifications:
- Conducting limited internal security audits; Collaborate with IT and business units to remediate compliance gaps; Maintain documentation related to compliance activities, controls, and audit findings; Assist with ad-hoc security investigations; Stay current on emerging regulations, standards, and industry trends.
Qualifications
- Bachelor's degree in information technology, computer Science, cybersecurity, or related field
- Minimum three years of experience in IT compliance, risk management, or information security
- Knowledge of regulatory frameworks (e.g., ISO 27001, ISO 22301, NIST)
- Experience with security risk management processes and compliance tools
- Outstanding oral and written communication skills
- Excellent interpersonal relationship skills
- High-level of attention to detail and accuracy
- High degree of personal initiative and maturity with an ability to work with minimal supervision
- Ability to prioritize tasks effectively, respect deadlines, and report any issues or conflict in the performance of operational activities, and the planning and scheduling of tasks and projects
- Professional certifications as follows are an asset
- CISSP, CISA, CISM, CRISC
- SANS/GIAC, CompTIA Security+, CEH
Additional Details
- Compensation: $102,640-153,960 per annum
- Vacancy: This position is for an existing vacancy
Apply To
Human Resources
Bennett Jones Services Limited Partnership
3400 One First Canadian Place
P.O. Box 130
Toronto, ON M5X 1A4
E-mail: ***email_hidden***
Vacancy posted 9 days ago
Similar jobs that could be interesting for youBased on the GRC Analyst, Information security in Toronto, ON vacancy
- ...outputs related to threat analysis, vulnerability assessment, and security architecture recommendations. Create realistic scenarios... ...For details about the interview process and platform information, please check: For any help or support, reach out to: support...SuggestedRemote jobHourly payContract workSummer work
- ...Opportunity? The opportunity is for an analyst to provide oversight, monitoring and enhancement... ...Industry related certification – eg. Security+, CC certified with ISC2 Knowledge of... ...applications and processes Information Technology standards, methodologies, and...SuggestedFull timeFlexible hours
- ...Role To support our growth, we are looking for SOC Analysts to join our growing cyber security function. This role will be supporting our 24/7 operational... ...of programming in Python, Go and/or Java. ~ A Cyber/Information Security related degree and/or relevant cyber security...SuggestedWorldwideVisa sponsorshipWork visaFlexible hours
- ...noopener" The Opportunity We’re looking for an experienced Security GRC Specialist to join our growing Security GRC team. Reporting... ...Requirements Your experience and skills ~ Bachelor's Degree in Information Security, Computer Science, Business, Risk Management or a...SuggestedInternship
$109.42k - $118.63k per year
...Wage Grade 7 Hiring Zone: $109,415.00 - $118,629.00 Shift Information: Monday to Friday, 35 hours per week per week Affiliation: Non... ...when requested, to staff of the Office of the Chief Information Security Officer to ensure privacy and information collection considerations...SuggestedFull timeTemporary workInternshipWork at officeMonday to fridayShift work$92.84k - $98.64k per year
...responsible for strengthening the Ontario Medical Association’s (OMA) information security governance, risk, and compliance program by operating within... ...such as artificial intelligence (AI). The Cybersecurity GRC Analyst advances the OMA’s strategic vision by fostering cross-...Permanent employmentFull timeWork at officeFlexible hours$55 - $65 per hour
...Information Security Analyst (AI / First Line of Defense) Take part in meaningful technology and security initiatives focused on cloud environments, information risk, and AI governance. This role offers a mix of strategic and hands-on responsibilities in a collaborative...Hourly payPermanent employmentFull timeContract workMonday to friday$110k - $160k per year
...The Opportunity The Tech Risk-SAP GRC team within EY’s Business Consulting domain... ...looking for a dynamic person in the SAP Security, Controls, and SAP GRC space. This candidate... ...of experience ~ A Bachelor's degree in information systems, commerce, accounting, computer...Flexible hoursWeekend work- ...an experienced professional to fulfill the role of Business Information Security Officer (BISO) - Advisory. This role reports to the Firm's Chief... ...development, and implementation 5+ years of experience in secure design/architecture and project risk assessments across...Full timeInternshipWork at office
- ...banking. Introduction: Robertson is seeking a skilled Information Risk Management Analyst to join our client. Contract Period: 6 months with potential... ...in work, or in the backlog. Support operational security activities including oversight of ongoing segment specific...Contract workMonday to friday
$160k - $170k per year
...role: The Director of Cybersecurity & Information Security will provide specialized expertise and guidance... ...Lifecycle (SDLC), ensuring that secure coding practices are consistently followed... ...with Governance, Risk and Compliance (GRC) platforms. ~Good understanding of financial...Work at officeRemote workFlexible hours$88k - $132k per year
...is looking for dynamic individuals in the Oracle Applications Security and GRC space for on premise and cloud applications. These... ...Administration, Computer Science, Engineering, Accounting or Information Systems Minimum 4 to 10 years of experience in Oracle application...Weekend work$114.75k - $135k per year
...providing greater access to financial information. Together, we are building... ...the team + role The Corporate Security team at Robinhood enables the business to move fast while staying secure. We're looking for a Corporate Security Analyst who will focus on operational and...Full timeWork at office$88k - $132k per year
...Join EY and help to build a better working world. The Opportunity EY is looking for dynamic individuals in the SAP Security, Controls, and SAP GRC space. These professionals will know how to help clients identify, design, implement and extract value from their SAP...$80 - $120 per hour
...Summers , and Jack Dorsey . Position: Cybersecurity / IT GRC Evaluator Type: Contract Compensation: $80–$... ...For details about the interview process and platform information, please check: For any help or support, reach out to: support...Remote jobContract workSummer workWork at office$45 per hour
...Ability to analyze existing systems and identify areas for improvement or new solutions. Critical Thinking - Ability to analyze information, identify issues, and make sound judgments. Stakeholder Management - Ability to engage with stakeholders, understand their needs...Hourly payFull timeFixed term contract- Our client, a major global financial services organization, is seeking a dynamic and experienced Senior Security Analyst (Information Risk) to join their IT First Line of Defense team. In this role, you will be responsible for performing risk-based information security assessments...Contract workWork at officeMonday to fridayFlexible hours
$35.74 - $43.09 per hour
Our client, is seeking a meticulous and collaborative Info Security Analyst II to join their enterprise Cyber Security and Compliance Operations... ...: Proven experience operating within Cyber Security, Information Security, Vulnerability Management, Compliance Operations, or...Permanent employmentFull timeContract workWork at officeImmediate startRemote workMonday to fridayShift work2 days per week$61k - $83.6k per year
Job Description : Cyber Security Analyst Amica Support Office Full-Time Amica embraces... ...and risk. Develop and maintain secure configuration baselines aligned to industry... ...Certifications Bachelor’s degree in Information Security, Computer Science, Information...Long term contractFull timeWork at office$50k - $90k per year
...on the job coaching Summary The SecurityL1 Analyst is responsible for the initial triage and analysis of security alerts and incidents within the Security... ...security tools and systems, including SIEM (Security Information and Event Management), and EDR (Endpoint Detection...Permanent employmentFlexible hoursShift work$80 per hour
...Services clients in a contract capacity! Please see below for more information on the position and if interested apply with an updated resume... ...experience ~ Financial services / banking experience ~ IT security & risk experience ~ Governance / COE experience ~...Contract workWork at office- ...TEHORA est présentement à la recherche d’un(e) conseiller(ère) en gouvernance de la sécurité de l'information senior Sans être exhaustifs, voici les services et livrables que devra fournir la personne retenue : Définir les stratégies de sécurité; Réaliser des analyses...Hourly payFull timeContract workApprenticeshipRemote workFlexible hours
$69k - $129k per year
...and control considerations clearly to stakeholders, supporting informed decision‑making and consistent application of expectations.... ...Management Professional (by DAMA) CRISC - Certified in Risk and Information Systems Control (by ISACA) OR CGRC - Certified in Governance, Risk...Contract workPart time$65.4k - $69.49k per year
...devices, applications, and user accounts are secure, reliable, and optimized for productivity.... ..., reporting, and operational insight to inform decision-making and continuous improvement... .... Minimum 3 years’ experience as an analyst supporting enterprise endpoint and identity...Permanent employmentFull timeFor contractorsWork at officeFlexible hours- ...TEHORA est présentement à la recherche d’un(e) Analyste en sécurité opérationnelle intermédiaire Sans être exhaustifs, voici les services... ...universitaire de 1er cycle (BAC) en informatique, en technologies de l’information, ou encore dans un domaine connexe reconnu par le ministère...Hourly payFull timeContract workApprenticeshipRemote workFlexible hours
$83 - $88 per hour
On behalf of our premier banking client, we are seeking a high-caliber Business Information Management Analyst V to join the Strategy and Enablement team. This role is central to a multi-year transformation journey aimed at modernizing the Financial Risk data and technology...Shift work$93.59k - $155.99k per year
...Description: The Cyber Security Advisor, Research reports to the Manager, Research Information Security Program (RISP) within Information... ...Officer. The Advisor enables secure, compliant research across the... ...Experience working within GRC platforms for control documentation...Full timeWork at officeFlexible hours- ...présentement à la recherche d’ un(e) conseiller en systèmes d’information ayant une solide expérience dans son domaine d’expertise afin... ...fonctionnalités des systèmes ; Assurer la conformité aux normes de sécurité et de gouvernance. Requirements Baccalauréat ou maîtrise...Hourly payFull timeContract workApprenticeshipRemote workFlexible hours
$140k - $175k per year
...Are you excited by the opportunity to secure products used by millions of professionals around... ...engineering, Security Architecture, GRC, IAM, Detection & Response, and business leaders... ...the facts, and provide trusted, unbiased information to people all over the world. Our use...Full timeWork at officeLocal areaFlexible hours2 days per week3 days per week- ...Your team’s dynamic: The Information Architecture, Intelligence & Analytics, or IAIA for short... ...looking for an experienced Information Analyst to join our dynamic and growing team. In... ...Establish policies for data quality, security, privacy, and lifecycle management; maintain...Full timeFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC Analyst, Information security. Be the first to apply!
