cyber security risk analyst - assurance.

Our client is seeking a fully remote Cyber Security Risk Analyst – Assurance to support executive cyber risk reporting in a regulated financial environment. Reporting to the Assistant Director, Cyber Security Assurance, the Consultant will translate TRA and penetration test findings into clear business risk insights, apply NIST and HTRA frameworks, and manage cyber risk records in ServiceNow GRC. The role requires 5+ years of cyber or technology risk experience, strong executive reporting skills, and the ability to map technical issues to business impact. Experience in financial services, ISO 27001, cloud risk, and relevant certifications are assets.

*** 18 month contract position ***

*** Candidates must be eligible for security clearance (5+ years in Canada) ***

*** FULLY Remote ***

*** Full-Time (37.5 hours per week) ***

Advantages
•Executive exposure in a regulated financial cyber risk environment
•Hands-on experience with ServiceNow GRC and NIST/HTRA frameworks

Responsibilities
•Lead and produce executive cyber risk reports based on TRAs and penetration test findings

•Translate technical security issues into clear business risks and recommendations
•Apply NIST and HTRA frameworks to assess and communicate cyber risk
•Maintain and update cyber risk records in ServiceNow GRC (risk register, treatments, exceptions)
•Support governance forums, audits, and regulatory inquiries with clear reporting
•Ensure consistency, quality, and timeliness of assurance reporting outputs
•Assist in integrating into the Assurance team workflow and managing reporting demand

Qualifications
•University degree or college diploma in IT, cyber security, risk management, or related field
•5+ years of cyber security, technology risk, or related experience
•3+ years producing executive-level cyber risk reports for senior stakeholders
•Hands-on experience with ServiceNow GRC (risk register, issue tracking, reporting)
•Working knowledge of NIST frameworks and HTRA methodology
•Experience interpreting TRAs and penetration test results into business risk language
•Strong written and verbal communication skills for executive audiences
•Ability to map technical vulnerabilities to business impact and remediation actions
•Ability to work independently and manage multiple priorities in a fast-paced environment
•Strong understanding of cyber vulnerabilities and remediation approaches
•Experience with AI-assisted tools for analysis or reporting (asset)
•Strong data understanding and ability to work with structured and unstructured information

Summary
If you're qualified and interested please submit your resume and one of our experienced Recruiters would be happy to give you a call. Thank you.

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to View email address on randstad.com to ensure their ability to fully participate in the interview process.

This posting is for existing and upcoming vacancies. show more