intermediate security specialist.

We are seeking a highly skilled Intermediate Security Specialist to drive the development, implementation, and refinement of enterprise cyber security programs and protective architectures. In this role, you will take technical ownership of designing and maintaining robust security controls, orchestrating rigorous framework audits, and deploying modern security technologies to safeguard critical networks, systems, and data. Operating across complex infrastructure environments, you will establish corporate security baselines, conduct intensive control testing, and align defensive strategies with industry regulations and risk mitigation standards.

Location: Toronto, ON (Fully Onsite - 5 days per week)

Duration: 6-month contract.

Advantages
Comprehensive Stack Ownership: Lead end-to-end security tracks spanning governance frameworks, technical control testing, and active platform deployments.

High-Demand Tooling Exposure: Expand your profile by executing large-scale, modern implementations of Data Loss Prevention (DLP) and Microsoft Defender suites.

Enterprise Resilience Authority: Drive high-visibility data center testing, disaster recovery blueprints, and incident response frameworks.

Strong Professional Blueprint: Solidify your career trajectory within a highly structured environment focused on deep regulatory compliance.

Responsibilities
Strategy & Architecture Engineering: Develop, implement, and update cyber security strategy programs and comprehensive security reference architectures to enforce consistent technical controls across the organization.

Control Testing & Assurance: Plan and execute regular technical security control testing and assurance operations to ensure defensive boundaries function exactly as intended.

Framework Auditing & Compliance: Lead structural security audits and gap analyses against global compliance frameworks, specifically utilizing NIST, CIS, and ISO standards.

Risk Management Framework Execution: Operationalize and implement the NIST Risk Management Framework (NIST RMF) to identify, evaluate, and mitigate vulnerabilities across data environments.

Security Technology Deployment: Deploy, configure, and maintain modern defensive solutions and advanced security tools, including Data Loss Prevention (DLP) systems and Microsoft Defender suites.

Resilience & Contingency Planning: Design and support enterprise Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), Business Impact Analysis (BIA), and active incident response structures, facilitating data center and application contingency testing.

Cross-Functional Alignment: Collaborate with cross-functional information technology teams and business units to align infrastructure controls with security policies, standards, and regulatory mandates.

Security Program Enablement: Launch and manage organization-wide Security Awareness and Training Programs, while providing continuous technical guidance and security best practices coaching to IT staff.

Threat Telemetry Analysis: Monitor emerging cyber security threat vectors and recommend proactive technology updates and strategy enhancements to mitigate future risks.

Qualifications
Core Security Experience: Minimum of 5+ years of progressive professional experience developing and implementing cyber security programs, risk strategies, and technical architectures.

Public Sector Acumen: Proven background and operational experience working within a Public Sector framework is strictly required.

Framework Audit & Assessment Mastery: Hands-on experience conducting deep technical control testing, assurance validations, and audits against NIST, CIS, and ISO security frameworks.

NIST RMF Implementation Skills: Direct, practical experience implementing and executing the NIST Risk Management Framework (RMF) workflow.

Defensive Tooling Deployments: Demonstrated technical capability provisioning and tuning enterprise security systems, specifically Data Loss Prevention (DLP) modules and Microsoft Defender endpoint agents.

Contingency & Continuity Literacy: Strong functional understanding of core risk management methodologies, business impact analysis, application contingency testing, and disaster recovery execution.

Education: Bachelor’s degree in Computer Engineering, Computer Science, Information Technology, or an approved equivalent combination of education and experience.

Highly Preferred Assets:
Professional security industry certifications such as Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC).

Summary
If you're interested in the "Intermediate Security Specialist" role based in Toronto, we encourage you to apply online at Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to View email address on randstad.com to ensure their ability to fully participate in the interview process.

This posting is for existing and upcoming vacancies. show more