Job Title – Information Risk Management Analyst
Period – 9 months
Location - Toronto, ON
Mode – Hybrid – 3 days
Overview
This role is responsible for conducting detailed information risk assessments to ensure projects align with enterprise risk management standards, policies, and governance requirements. The position is project-based and involves reviewing technology initiatives across multiple business units to identify risks, validate controls, and support compliance.
This is a desk-based role requiring strong analytical, documentation, and stakeholder engagement skills.
Key Responsibilities
- Conduct information risk assessments aligned with global IRM methodologies and standards.
- Evaluate development, deployment, cloud, infrastructure, and security technologies across projects.
- Collaborate with Cloud, Engineering, Architecture, Infrastructure, IT Asset Management, and Risk teams.
- Implement and assess security controls, including cloud and container security within CI/CD pipelines.
- Support security incident investigations and document findings.
- Review project documentation, identify control gaps, and recommend remediation.
- Manage multiple concurrent assessments across departments.
- Maintain accurate documentation and communicate results to stakeholders.
Required Qualifications
- 5–7 years of experience in technology risk, information security, cybersecurity, IT audit, compliance, or related fields (preferably in a regulated financial environment).
- Bachelor’s degree in Computer Science, Engineering, IT Security, or related discipline (or equivalent experience).
- Experience conducting information risk assessments.
- Strong knowledge of:
- Risk assessment and incident response
- Regulatory and control frameworks
- Cloud security, IAM, data protection, infrastructure security
- Familiarity with regulatory frameworks (e.g., OSFI B-13, NIST, SOC 1/SOC 2).
- Experience with tools such as Archer, Jira, Confluence, and ServiceNow.
- Strong analytical, documentation, and organizational skills.
- Ability to identify key IT controls and provide practical recommendations.
- Proven ability to work with stakeholders across technology, cybersecurity, privacy, and risk teams.
Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.
Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit https://dexian.com/ to learn more. Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status
