Job Description
Job Title: GRC Analyst
Location: Brampton, ON
Duration: Fulltime Permanent and Contract on T4
Skills
2-3+ years in a Security Governance, Risk and Compliance (GRC) function
Understanding and familiarity with cybersecurity frameworks (ISO, NIST, HiTrust, COBIT, etc.)
Candidate has in-depth knowledge of security domains (Application Security, Cloud Security, Data Protection, Identity and Access Management, Vulnerability Management)
Understanding of prevailing information security threats and risks
Knowledgeable of CIS-Top 20, ISO 27001 security controls
Knowledgeable of PCI-DSS, Data Privacy (GDPR, CCPA) and other regulatory standards
Up-to-date knowledge of information security issues, trends, and leading practices
Expertise in security policy development
Must have a solid understanding of information technology and information security
Relevant security or risk management certifications a plus
Responsibilities
Meet with business stakeholders to identify top security risks
Performing control assessments against enterprise cybersecurity framework
Perform review of policies and supporting procedures/processes
Perform assessments of adherence to standards
Work closely with management on security practices
Develop routine reports in accordance with GRC metrics
Collaborate/Liase with enterprise security managers, IT system and business process owners
Record-keeping of assessment artifacts
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.